Welcome on François' Blog

10 last posts

• Redis 12 - Managed Redis for Python Microservice in CloudRun 23/02/2024, François Cerbelle Redis Redis Enterprise Python Microservice FastAPI Docker Google GCP CloudRun PaaS DBaaS Managed Redis REST API Stateless

  I explain step by step how to implement a #Python FastAPI stateless microservice to serve data from a local dockerized Redis-stack, a local dockerized #Redis Enterprise and a managed DBaaS Redis Enterprise. I also explain how to dockerize the API, execute it locally, and make it run as a Google #CloudRun service. With source code and #RedisInsight developer companion client connection to the different databases.

• Redis 11 - Comment déployer et superviser Redis Enterprise et une application avec l'opérateur dans AKS 31/01/2023, François Cerbelle Redis Azure Azure Kubernetes Services AKS K8S Opérateur Prometheus Grafana Conteneur Docker DockerHub Superviser

  Nous allons voir comment déployer et superviser un cluster Redis Enterprise, des bases Redis et une application dans Azure Kubernetes Services (AKS), à l’aide de l’opérateur Redis pour Kubernetes (K8S), Prometheus et Grafana.

• Redis 10 - How to manage RBAC security with ACL and Role 28/05/2022, François Cerbelle Redis Authentication Authorizations Permissions Roles ACL RBAC Access Control Security Administration Security groups Groups REST API REST API

  How Redis Enterprise’s role based access control (RBAC) works and can be used to improve the security and industrialize Redis ACL for authentication and authorizations on data and commands at scale ?

• Redis 09 - How to manage security, data-access and permissions with Redis ACL 13/05/2022, François Cerbelle Redis Database Data-access Access control Authentication Authorizations Permissions ACL Access Control Lists Security Administration

  How to secure Redis with accounts and passwords for authentication and with access control lists for commands and data permissions. Introduction, explanation and demonstration of what are ACLs in Redis.

• Avis, installation et utilisation de la tablette Huion Inspiroy WH1409 sous Debian 24/09/2021, François Cerbelle Linux Debian Buster Tablette graphique Huion WH1409 Inspiroy Pilotes Drivers X11 Xorg Compiz Krita Blender OpenToonz StoryBoarder Zoom Microsoft Teams Teams Google Hangout Hangout Citrix GoToMeeting GoToMeeting BigBlueButton OBS Open Broadcast Studio Digimend Compiz

  Comment installer, configurer et utiliser une tablette graphique Huion Inspiroy WH1409 sous Linux Debian Buster. Installation d’un pilote (driver), configuration du serveur XOrg, configuration des paramètres de la tablette pour les boutons, configuration multi-écran. Configuration et utilisation dans Blender, Krita, OpenToonz, Compiz, StoryBoarder, Zoom, Microsoft Teams, Google Hangout, GoToMeeting, BigBlueButton, Open Broadcast Studio (OBS), Compiz …

• Debian11, Server, FWLogWatch for a daily firewall log analysis 24/06/2021, François Cerbelle Debian11 Server GNU Linux Linux Debian Debian 10 Debian 11 Buster Bullseye Server Installation FWLogWatch Logs analysis Security Firewall

  FWLogWatch installation and configuration to parse the IPTables logs and report them groupped in very few summary lines by email. It helps to very quickly identify potential attacks and maintain the filter rules.

• Debian11, Server, LogWatch for a daily aggregated log analysis 24/06/2021, François Cerbelle Debian11 Server Debian GNU Linux Linux Debian Debian 10 Debian 11 Buster Bullseye Server Installation Logwatch Analysis Aggregated log analysis Log Summary Security

  Whereas LogCheck is low level and hourly log lines extractions, LogWatch is higher level daily log analysis with aggregation to have behavior statistics and detect trends, slow scans or slow attacks. The email reports are shorter and consolidated. This is a very short basic default installation documentation blog post. Part of my default server installation.

• Debian11, Server, Logcheck to notify about any unknown activity 10/06/2021, François Cerbelle Debian11 Server GNU Linux Linux Debian Debian 10 Debian 11 Buster Bullseye Server Installation Logcheck Log analysis Analysis Security Notification Detection

  Logcheck installation and configuration with tuning. Logcheck parses the system logfiles, removing known legitimate patterns and sends the remaining lines to the administrator. It reports all the unusual activity, helping to detect attack attempts or successful attacks that would not be catched by other tools. I prefer to have less notifications, and to read them all, instead of having too many and skip them.

• Debian11, Server, Tripwire to detect penetration 02/06/2021, François Cerbelle Debian11 Server GNU Linux Linux Debian Debian 10 Debian 11 Buster Bullseye Server Installation HIDS IDS Integrity Intrusion Penetration Security Tripwire

  Tripwire is one of my favorite security tool, probably one of the most efficient. How to install and configure tripwire on a Linux Debian 11 Bullseye server to detect a penetration and react quickly. It takes securized footprints of files in the filesystem and periodically check that they did not change.

• Debian11, Server, RKHunter to check for malwares and corruptions 31/05/2021, François Cerbelle Debian 11 Server GNU Linux Linux Debian Debian 10 Debian 11 Buster Bullseye Server Installation RKHunter Tripwire Security Rootkits IDS HIDS

  RKHunter installation and configuration to check for critical files changes against automatic snapshots and for known rootkits. It also checks for processus with open descriptor on deleted files, for binaries which are actually scripts, … This helps to detect when a system was compromised.