Posts

Taming Temporary Server Chaos with OpenZiti

Image
Let me start by painting a picture for you—one that I’m sure many of you can relate to. You’ve got a new project on the horizon, a tight deadline, and the need to spin up a handful of temporary servers just to get things off the ground. Maybe it’s a quick proof of concept, or perhaps it’s a staging environment where you’ll be running tests for the next week or two. Sounds simple enough, right? But if you’re anything like me, this is where the headaches start. I can’t tell you how many times I’ve found myself in this exact scenario. I need those servers up and running, accessible from wherever I am, but the last thing I want to do is expose them that easily to the internet for management. We all know the drill—open ports are just invitations for trouble, and managing access to these servers quickly becomes a rabbit hole of security groups, firewall rules, and SSH key management, VPN's (I've done crazy stuff as adding PortKnocking and configuring each server indivudually). Before

ZDBC: The Future of Private Database Access

Image
INTRODUCTION Not that much ago Google sent me an email because they'll retire Google IoT Core in August 2023. I actually have a small project of mine running there (maybe I'll talk about it in the future); thing is, I looked into AWS as part of the improvements I'm basically using some Databases Services (Aurora with PGSQL Backend and Redshift). As still I do have some things running on Google and there're some communications between those two I needed to provided i decided to improve my communications using my new OpenZiti network. ZDBC is an implementation of JDBC that leverages the communication to my Ziti network to provide secure and connections to databases.  Alright, enough talking and let's get into, so, let me introduce my architecture: OpenZiti/ZDBC Architecture As you can see, my architecture, is quite simple. I do have my Controller and Fabric Router located in my Data Center. In my VCN in AWS I deployed a Virtual Machine with a Edge Router (I'll put

Embrace Secure Sharing with Zrok

Image
I'm sure this is not something just happened to me. How many times have you faced the problem of sharing some local service or development version of something you're building to a college? How many times have you faced the issue to share a file located in your endpoint and having to update it first to a share file service, so your peer, customer, partner, etc can download it? And how many times did you put that in public mode? did you forget to delete it? Those things happened to me time to time, and even when I became good with my policies on sharing, deleting, etc... what a pain in the rear... And now, I found zrok ! Ziggy-zrok zrok  is an open-source built on top of OpenZiti (Yes, the programmable zero-trust network overlay). As an OpenZiti Native Application, Zrok offers a unique combination of public and private resource sharing, as well as easy web sharing capabilities. As an open-source platform, Zrok can be self-hosted or used through the managed offering provided by N