How (and Why) to Log Your Entire Bash History

For the last three and a half years, every single command I’ve run from the command line on my MacBook Pro has been logged to a set of log files.

Uncompressed, these files take up 16 MB of disk space on my laptop. But the return I’ve gotten on that small investment is immense. Being able to go back and find any command you’ve run in the past is so valuable, and it’s so easy to configure, you should definitely set it up today. I’m going to share how to do this so you can take advantage of it as well.

Read more on How (and Why) to Log Your Entire Bash History…

Ansible Communication with AWS EC2 Instances on a VPC

I’ve recently started using Ansible to manage Elastic Compute Cloud (EC2) hosts on Amazon Web Services (AWS). While it is possible to have public IP addresses for EC2 instances on an AWS Virtual Private Cloud (VPC), I opted to place the EC2 instances on a private VPC subnet which does not allow direct access from the Internet. This makes communicating with the EC2 instances a little more complicated.

While I could create a VPN connection to the VPC, this is rather cumbersome without a compatible hardware router. Instead, I opted to create a bastion host which allows me to connect to the VPC, and communicate securely with EC2 instances over SSH.
Read more on Ansible Communication with AWS EC2 Instances on a VPC…

Managing AWS Route 53 Hosted Zones with AWS Lambda

On AWS, I use a Route 53 private hosted zone for Amazon VPC to allow me to conveniently address EC2 instances and other resources. While all EC2 instances are automatically assigned a private DNS entry, it is usually something fairly unintelligable such as “ip-172-31-51-229.us-west-2.compute.internal.” An entry like “website-production.atomic.aws” is much more helpful, especially when trying to configure communication between various EC2 instances that comprise a larger system.

I constructed an AWS Lambda function to automatically update the DNS records in my Route 53 private hosted zone whenever new instances are created. This ensures that the private hosted zone is up-to-date and can be relied upon for communication between EC2 instances.
Read more on Managing AWS Route 53 Hosted Zones with AWS Lambda…

Managing AWS CloudFront Security Group with AWS Lambda

One of our security groups on Amazon Web Services (AWS) allows access to an Elastic Load Balancer (ELB) from one of our Amazon CloudFront distributions. Traffic from CloudFront can originate from a number of a different source IP addresess that Amazon publishes. However, there is no pre-built security group to allow inbound traffic from CloudFront.

Read more on Managing AWS CloudFront Security Group with AWS Lambda…

Bash Completion, Part 2: Programmable Completion

Don’t miss the previous post in this series: Bash Tab Completion


With Bash’s programmable completion functionality, we can create scripts that allow us to tab-complete arguments for specific commands. We can even include logic to handle deeply nested arguments for subcommands. Read more on Bash Completion, Part 2: Programmable Completion…

Bash Completion, Part 1: Using Tab Completion

One of the most useful features I learned when I first started working with Linux was the “tab completion” feature of Bash. This feature automatically completes unambiguous commands and paths when a user presses the <TAB> key. I’ll provide some examples to illustrate the utility of this feature. Read more on Bash Completion, Part 1: Using Tab Completion…

SSL Certificate Expiration Checker

IT Operations teams frequently have the responsibility to ensure that SSL certificates for various websites are valid and renewed on a regular basis. While SSL certificate vendors often provide reminders and warnings when the certificates are about to expire, this is not always effective–especially when a variety of different SSL vendors have been used, or different parties are responsible for purchasing and maintaining the certificate.

To prevent SSL certificate expirations from going unnoticed, I wrote an application that checks the certificates from a variety of sites and ensures that they will remain valid for a certain number of days in the future.
Read more on SSL Certificate Expiration Checker…

Linux Utilities for Diagnostics

I spend a fair amount of time troubleshooting issues on Linux and other Unix and Unix-like systems. While there are dozens of utilities I use for diagnosing and resolving issues, I consistently employ a small set of tools to do quick, high-level checks of system health. These checks are in the categories of disk utilization, memory and CPU utilization, and networking and connectivity. Triaging the health of the system in each of these categories allows me to quickly hone in on where a problem may exist.
Read more on Linux Utilities for Diagnostics…