If you have followed the posts in this series, Part 3 left us with the following completed:

- Diagram of our architecture
- IAM roles
- S3 bucket and its policies

The next step is to build the EC2 server.

Requirements

In order to do this properly, you’ll need to meet or exceed the minimum system requirements published by Ubiquiti. You can find those officially here, but at the time of this writing they are as follows:


Continuing on from Part 2, where we created the required IAM group, user, and policies, we get to the exciting part…building! The first step is to create the storage backend. In this case we’re utilizing Amazon Simple Storage Service (S3). As usual, I will refer you to AWS’s docs for the official S3 guide for creating the bucket. The process itself is very simple, but there are a few details to pay attention to, specifically regarding this application.


Part 1 of this series outlined the architecture, which is then followed by creating the IAM group, user, and policy the EC2 will use to place recorded video in the S3 bucket.

1. Open the IAM console
2. Create a group (I named mine ‘unifi’)
3. Attach a policy to the group.

This is an example policy that I created in the visual editor. You can open it or restrict it to fit your specific needs as this is not the most restrictive policy example.


Like many of you, I am watching the AWS re:Invent keynotes and announcements remotely. Being network and performance focused, here are the announcements I am currently most excited about. I will update this list as the week progresses.

VPC ingress routing now makes routing to virtual appliances easier! This is a much welcomed improvement as routing inside the VPC has always been a bit tricky and cumbersome. https://aws.amazon.com/about-aws/whats-new/2019/12/amazon-vpc-ingress-routing-insert-virtual-appliances-forwarding-path-vpc-traffic/

Transit Gateway Manager manages and monitors the on-prem to cloud networks centrally and easier.


There are some gaps and changes to this that I have not completed or corrected. I am currently working on another project. Please contact me if you are using this as a guide and would like a little help. I will get back to this tutorial at a later date.

Notice: I am not an official representative or affiliate of Ubiquiti or AWS. The process outlined below represents the high-level steps I used to successfully launch this application myself.


AWS Immersion Day

This week I attended my first AWS Immersion Day. The event was hosted by Justin McWhirter [justindm.me]. The focus of the day was serverless, and was centered around the Wild Rydes Workshops. By the end of the day we ended up with a web application that looked like this that was built upon many integrated AWS services such as Cognito, Kinesis, S3, Lambda, Amplify, API Gateway, and more. As someone who spends my time generally focused on networking within AWS this was a welcomed change of pace and a good learning experience.


There are times when you may have a need to test server performance when investigating an issue or doing a predictive analysis. I learned an easy way to do this on Linux using the built-in ‘yes’ command. From the man page for the ‘yes’ command:

    NAME
        yes - output a string repeatedly until killed

This does exactly as it says and will consume the CPU unless it is controlled or killed.


Wasabi Storage

Storage is one of the costliest options in the cloud and probably the biggest deterrent to migration. Fortunately, a handful of contenders are changing the game and breaking into affordable options for personal budgets. One of these companies is Wasabi. I have embraced the AWS platform, so on the surface this appears to be in opposition to that. Maybe it is, but Wasabi utilizes AWS S3 on the backend with a pricing strategy fit for personal as well as business use.


As I’ve stated in previous posts, I currently use CloudFlare as my CDN. There are several reasons for this that I won’t go into now. One of the “ToDo’s” on my list has been to clear CloudFlare’s cache when I upload new content to my blog. I was finally able to spend some time and get that done.

CloudFlare API

To start things off I reviewed the doc for the CloudFlare API.


It’s important to know your limits. In this case study we find a situation stemming from SMTP being throttled. This is part of the packet capture I received: The top lines show the previous conversation ending. SMTP successfully sent 3 messages. After the 3rd message the mail server stopped responding and retransmits began. This pattern was repeatable. More than that, it was repeatable from other EC2 instances. The only thing between the EC2 instances and the mail server was a router and a firewall.



Chris Sereno

For 11 years networking was my profession with a specialized focus on proactive and reactive performance analysis. More recently I have embraced the AWS platform. This blog reflects my experience both past and present.

AWS Architect at Caterpillar, Inc.

US