2020 Year in Review

Holy crap, that was intense….but not in the “good” way, like a roller-coaster or an exciting movie. 2020 was more of a drawn-out root canal without anesthetic. That being said, there were quite a few highlights for me personally (in no particular order):

  1. First full year with a new company. Seriously, I can’t recommend WWT highly enough. I haven’t found a person I don’t enjoy working with.
  2. Moved back to Texas. If asked “why?,” I’d probably respond with “To be closer to family!” If pressed, I’d more than likely say “It’s really the TexMex…”
  3. Knocked out some pretty major professional goals:
    1. AWS Certified Solutions Architect – Professional
    2. VMware Certified Professional – Network Virtualization
    3. Hashicorp Certified Terraform Associate
    4. Master Specialist – VMware Cloud on AWS 2020
  4. Wife still did NOT smother me in my sleep, even after 13 years of marriage….though, the serial killer podcasts are getting somewhat concerning/suspicious…hmm…
  5. Made it to 2021…

(Yeah, that last one seems obvious, but oh well…)

I’d say that a huge motivation for last year was goal-setting at the outset. Simply writing down a direction and plan-of-attack kept me focused and moving in the right direction. It really helps to decide whether you’re going on a stroll or a road-trip. The stroll is useful for clearing the mind, but a road-trip has a destination….at least, that’s the analogy I’m sticking with, darn it.

Sharing your goals is another thing that really helps. The team I work with establishes team and individual goals and publishes them on an internal site. You can see where everybody is at in their progress and either pitch in or offer encouragement…which leads to the last point: collaboration. I’ve never made as much progress as when I’ve teamed up with like-minded colleagues working toward the same goals. For certifications, study groups are great for keeping each other motivated. For large projects at work, a second set of eyes is invaluable, especially where another person may have more experience or a different perspective.

So, in summary: it was the best of times, it was the worst of…wait, no, that’s another book.

So, in summary: good times were had by all, set goals, find friends to help reach them.

So, what’s next? I’ll aim to share some of my own goals here, soon, within the next couple of weeks. You can either point and laugh or join in the fun…up to you…



AWS Certification Journey: Solutions Architect Associate

This time last year, I was counting down the last few days until I was to sit my first AWS certification exam, the Solutions Architect Associate. Starting in October of 2018 I’d decided that this would be the course I’d take next and began working toward skilling myself up in all things AWS. There is a lot of conceptual overlap between virtualization and Cloud, so personal experience combined with about three months of study led to my passing and achieving the cert.

I thought I’d share the things I used on the off chance anybody else finds it useful. What I find most useful is to identify more than one resource to get a different perspective on the objectives and, with the case of the book, it was also nice to be able to study offline. With the SA Associate certification, I used a combination of the exam blueprint, a textbook, multiple online classes, and (most importantly) hands-on experience. All told, it was a personal investment of only about $350, including the exam fee and any overages that may have exceeded the free tier.

The guidance from the two online courses was excellent and also provided a good deal of hands-on experience.

After you identify the resources you intend to use to study, the next thing you should do is pick a date for the exam and actually schedule it. The commitment of placing actual money is a great motivator. Scheduling will give you a deadline to work towards, not only making the goal real but providing a sense of urgency.


Book Recommendation: Terraform Up & Running

Quick book recommendation: Pick up Terraform: Up & Running when you get a chance. Great tool to add to your Cloud toolbelt for automating provisioning and adding on Infrastructure as Code.

I will post a more in-depth “review” when I’m done, but now half-way through and I’m already definitely finding it useful.


The “Right” Way to Access Private EC2 Instances

Accessing private EC2 instances from a public jump host presents a potential security issue. Every instance must be accessed using a private access key, but storing this key on the jump host is a bad (actually, very bad) idea. If stolen, this could allow any of your systems configured with the key to be compromised.

Try using ‘ssh-agent’ from your local system to store and use your private keys. This will allow your jump host to forward along or proxy the authentication without having to upload or share the key.

# Step 1 is to actually start 'ssh-agent'
# This outputs the commands to set the necessary environment variables
# and will display the PID of the agent.  
# Example:
$ ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-wlp2yfs0IEW8/agent.16882; export SSH_AUTH_SOCK;
echo Agent pid 16883;

# Step 2 is to store your private key using 'ssh-add'
# ssh-add privateKeyName.pem
# Example:
$ ssh-add kpSuperSecret.pem
Identity added: kpSuperSecret.pem (kpSuperSecret.pem)

Once the access key is stored locally, you can simply connect to your jump host with SSH as normal. From there, accessing the private hosts just requires you to add the “-A” flag:

$ ssh -A

# And then, on into the private instances:
$ ssh ec2-user@ip-someInternalIP.ec2.internal