NOTE: This issue was resolved on May 17th 2024. There is an issue with the sign-in flow in the v1.4 of the Amazon Q Developer extension release last night. This only impacts Code Server used in the workshop and does not impact the desktop version. To revert to v1.3, run the following script in the Code Server terminal. sudo rm -f /tmp/AmazonWebServices.amazon-q-vscode.vsix Q_URL=https://github.com/aws/aws-toolkit-vscode/releases/download/amazonq/v1.3.0/amazon-q-vscode-1.3.0.vsix curl -fsSL $Q_URL -o /tmp/AmazonWebServices.amazon-q-vscode.vsix sudo -u ubuntu --login code-server --install-extension /tmp/AmazonWebServices.

After two years of little to no travel, it picked back up in a big way for 2022. My daughter, Emily, has become a huge fan Dr Martens shoes during the pandemic. She owns four pairs. So I have started taking detours to FaceTime her from Dr Martens stores in cities around the world. It turns out that these stores are in really interesting parts of town. These little detours have taken me to some cool places outside the tourist areas.

I have a few Raspberry Pis around the house doing various tasks and wanted to automate Docker image builds using AWS CodeBuild. I assumed I could build on the Graviton ARM instances and run on the Pi. It works with the raspbian/stretch base image, but the Raspbian images are not actively maintained. When I switched to alpine base image, I started getting this error on the Pi. standard_init_linux.go:207: exec user process caused “exec format error”

RSQL is a command-line client for Redshift. Unlike the psql command-line, RSQL has control flow commands (IF, ELSE, GOTO, etc.) that are useful for ETL jobs. I want to run RSQL in a Fargate container so I call it from Step Functions ETL workflow. Overall this was fairly straight forward, but I’ll document it anyway. Setup In my use case, I am converting hundreds of Teradata BTEQ scripts to RSQL using the Schema Conversion Tool (SCT).

AWS Amplify is a framework to accelerate web and mobile application development. I needed to build an API that would return a binary object. Specifically, it allows me to download a PDF file. I could not find an example so I am documenting it here. In the end it was crazy simple. You just need to add a single line "BinaryMediaTypes": ["application/pdf"] to the AWS::ApiGateway::RestApi resource in the CFN template created by Amplify.

I published a post this summer with a few simple demo applications I use when configuring AWS infrastructure. I needed something similar for a serverless application on AWS. In other words, a Lambda function sitting behind an API Gateway or Application Load Balancer (ALB). I tend to use this simple Node.js function. It will return whatever it received as input. This is useful when you are debugging the infrastructure. For example, configuring Cognito with API Gateway or OIDC with ALB.

Every Halloween my kids and I build some kind of decoration to scare everyone. The past few years we have been evolving a pneumatic wolf head that pops up and scares you. Then, it takes a picture of you looking silly. It was based on a RaspberryPi and AWS IoT. This year I wanted to move to Arduino, but I could not find instructions for connecting to AWS IoT from the Arduino.

AWS Directory Services allows you to join AWS resources to Microsoft Active Directory. This includes Amazon Relational Database Service (RDS), Amazon FSx, Amazon Workspaces, Amazon Appstream 2.0, Amazon Connect, Amazon QuickSight, Amazon WorkDocs, Amazon WorkMail, and of course Amazon Elastic Compute Cloud (EC2) Windows instances. In addition, AWS recently announced the ability to Seamlessly Domain Join Linux EC2 Instances. As I modernize .NET applications by moving to .NET 5 and Linux, I can continue to leverage Active Directory for credential management.

I need to run a load test against Redshift. However, rather than repeatedly running a few sample queries, I want to replay all queries from the audit log over a period of time. I had never tried to do this in JMeter so it took a little hacking to get it working. I’m running this against Redshift, but the logic should apply to any workload. For example, you could use your web server logs to replay HTTP requests.

When doing a customer demo, I often need a simple app. Generally I am discussing the infrastructure – Elastic Load Balancer, API Gateway, etc – and the application is unimportant. I have found that phpinfo is a great sample application because it shows the headers received by the server. This allows me to see x-forwarded-for headers, etc. On Windows, ASP.NET Tracing provides similar results. Keep in mind that these utilities expose a lot of info about your environment so use them wisely.

I have been working on multi-tenant OpenSearch (a.k.a. Open Distro for ElasticSearch) project. This article (https://www.elastic.co/blog/found-multi-tenancy) (from 2015) outlines a few isolation models and the issues you are likely to hit with each. Below I look at two options: one index per tenant and multiple tenants per index with document level security – a feature of OpenSearch. Provisioning I created a simple single-node Elasticsearch cluster on a t3.small. This is really small but I want to put pressure on the system and see how it scales.

When moving from SQL Server to PostgreSQL a common issue is case sensitivity. PostgreSQL 12 adds support for nondeterministic collations. These are my notes from testing various scenarios in Aurora. In my opinion CITEXT is still the best option despite native support. Create some test data First, Create a new Case Sensitive and Case Insensitive collation. Technically these exist under other names, but I thought his was more clear in the examples.

In this final post I’ll list a few additional optimizations for reducing the first invocation times. See part one and two for more details. Burst CPU According to this video Lambda functions get additional CPU during the initialization phase. That extra CPU can help with JIT compilation but .NET lazy compiles code as it encounters it. Therefore, the function handler is not compiled until it’s executed, which is after the CPU is constrained.

I’m abandoning the multi-cloud blog hosting model that I was using in favor of AWS Amplify to simplify TLS configuration. But I thought I should document the old approach a little further in case I ever go back to it. The build pipeline for my blog fails every once in a while. For example, there was an issue with the Azure CLI earlier this month. Each time that happens it takes me a few minutes to remember how the pipeline works.

In part one, I looked at what happens the first time an ASP.NET application is invoked in Lambda. When we left off, we had a roughly 3 second initial response time. In this post I’ll focus on the initialization phase and part three will focus on invocation. ReadyToRun As I mentioned earlier, one cause of long cold start times in .NET is Just In Time (JIT) compilation. As each .NET assembly is loaded, the runtime converts the Intermediate Language (IL) into machine code for the specific platform it is running on.

The ability to host an ASP.NET project in AWS Lambda is a great way to get started with serverless. However, cold starts can result in a slow first invocation of the ASP.NET function. In this post I’ll set up a typical, albeit simple, application to gather benchmarks. In part two and three, I will explore a few options to speed up initialization and invocation respectively. Background A Lambda function is fundamentally different from a traditional application.

In the post, I will show you how to build a Linux container in Visual Studio running on a EC2 Windows Instance. The AWS Toolkit for Visual Studio allows you to deploy your project to Elastic Container Service (ECS) Fargate and recently as a container image to AWS Lambda among other options. In both of these cases, you must build a Linux container from Visual Studio or the dotnet command line.

I recently upgraded my home network from the Ubiquiti EdgeRouter to the UniFi Security Gateway (USG). Similar to the EdgeRouter, the USG supports most common configuration tasks from the web UI, but advanced configuration is only available from the command line. While you can configure a VPN tunnel to AWS from the UI, it does not allow you to configure redundancy or Border Gateway Protocol (BGP). With everyone quarantined – working and learning from home – I have been struggling to find time to hack the router.

Pearson OnVUE Broke Mac Mission Control Pearson has started offering Online Proctored exams. You download the OnVUE application and take the exam from the comfort of your home. This sounds great, but the actual experience was poor. Here is how to fix Mission Control and App Expose after taking an exam. I took an exam last week. I won’t mention which because I have not passed it yet. I have never failed a certification exam, but I am superstitions and never talk about an exam until I clear it.

Cloud Storage and Trailing Slashes Shortly after configuring this site to be served simultaneously from AWS, Azure and GCP, I realize I had a bug. Occasionaly the images were not loading. Ironically this was only happening on the Multi-Cloud Blogging post. After some investigation, I found this caused by how various providers handle a URI without a trailing slash. Specifically Azure. The Issue When I render the footer of this blog, I include the name of the cloud provider that served the page.

I spent some time over Thanksgiving moving my blog from Blogger to Hugo. I have been hosting my site in an Amazon S3 bucket with an automated build in AWS CodeBuild. That has been running well for the past month and I have worked out most of the kinks. So, I decided to make my blog Multi-Cloud and host it on AWS, Azure, and GCP while load balancing traffic across the three platforms.

When I first moved over to Hugo, I struggled to get the robots meta tag working. Note that I am using the Ananke theme and this may be different for other themes. Primer Honestly, I have not spent a lot of time in my career on SEO and did not have a deep understanding of how the robots meta-tag and robots.txt file work. Here is a quick primer. First, a page can include a meta-tag in the header that specifies that a page should be indexed by search engines or not.

I have been moving my blog to Hugo over the holiday weekend. I am working in a Cloud9 instance. Cloud9 allows you to preview an application running in the Cloud9 instance by proxying the connection through the Cloud9 service. The URL for the proxy uses the following format. https://CLOUD9_ENV_ID.vfs.cloud9.AWS_REGION.amazonaws.com/ The problem is that Hugo renders fully qualified URLs that include the baseURL found in the config file. I could update the config file, but I know I am going to accidentally check it in that way.

I have been working on a project to deploy Elastic Kubernetes Service (EKS) at an Academic Medical Center. They want to deploy a private cluster that does not have internet acess. EKS supports this, but DNS resolution can be tricky. There is an AWS blog post that explains how do it. Ultimately, we need an inbound R53 resolver ENI in the EKS VPC. When you configure EKS with a private endpoint it configures DNS to only respond to requests from within the VPC.