Intercept Application Traffic on Kubernetes with Telepresence

Goal. Prerequisites. How to Install Telepresence: Install Telepresence on your local laptop; please follow the documentation for the installation steps. The k8s cluster for testing purposes is running on Azure Kubernetes Service. Please set the context to the Kubernetes cluster. When we run the command telepresence connect against the Kubernetes cluster, Telepresence will create a namespace ambassador and…

Cert-Manager with Let’s Encrypt & Cloudflare

In this guide, we’ll walk through the steps to set up Cert-Manager on a Kubernetes cluster, configure a Cloudflare API token for DNS-01 challenge validation, and issue SSL/TLS certificates for your domain. This process ensures that your applications are secured with Let’s Encrypt certificates, leveraging Cloudflare for DNS-based verification. Create CRD: Before installing Cert-Manager, it’s…

Integrate Terraform CI/CD with Atlantis

Atlantis is a powerful automation tool designed to streamline collaboration and code review workflows for Terraform infrastructure as code (IaC). It acts as a bridge between version control systems (VCS) like Git and Terraform, facilitating a smooth and efficient process for managing infrastructure changes. In this case, we deployed Atlantis on an Ubuntu VM. Install…

Deploy MySQL InnoDB Cluster

In this article, we’ll explore the step-by-step process of deploying an InnoDB Cluster on MySQL, empowering you to harness the full potential of this robust database solution. Configure instance: We have three instances for building the cluster. Each instance must be configured individually before joining the InnoDB cluster to achieve fault tolerance. Please repeat this…

Integrate OpenVPN with Google SSO

Integrating OpenVPN with Google Single Sign-On (SSO) streamlines user authentication and access management processes, enhancing security and user experience. By leveraging Google as the identity provider, users can log in to OpenVPN using their Google credentials, eliminating the need for separate usernames and passwords. Prerequisites. Create LDAP Client: Download the certificate. Install package dependencies. Install…

How to enable Change Configuration Notification on Oxidized

Goal: Receive a config diff notification when there are config changes on network devices. Requirements: msmtp, msmtp-mta, ansi2html, oxidized script. Package Installation: pip install ansi2html; apt-get install colordiff msmtp msmtp-mta -y. Put the script below; it will automatically create oxidized-report-git-commits in folder /opt/oxidized. chmod +x /opt/oxidized/oxidized-report-git-commits. The part of configuration which will send via…

How to enable Two Factor Authentication on Tacacs configuration

Previously I wrote the article about installing tacacs+ on Debian with support for multiple network devices. Now, in order to secure remote access connections to several network devices such as Cisco NX-OS, HPE Comware-7, Juniper and Aruba Switch, I will enable two-factor authentication in the tacacs configuration. Requirements: tacacs+, libpam-google-authenticator, google authenticator apps…

Build infrastructure in GCP with Terraform and Gitlab-CI

I will share a little bit about how to integrate Terraform with GitLab CI. I think there are many automation tools for deploying infrastructure, covering building, changing, and versioning infrastructure safely and efficiently. Straight to the point: in this case we will give an example of how to deploy compute instances in a GCP environment with Terraform &…

Site to Site VPN IPSec Between GCP and Juniper SRX

The following scenario: an IPSec tunnel between GCP Cloud VPN and Juniper SRX. Create VPN Connections -> Classic VPN. There is no need to configure phase 1 & phase 2 parameters, because Cloud VPN auto-negotiates the connection as long as the peer side uses a supported IKE cipher setting. Check the documentation. The following is the Juniper SRX configuration. Create interface:…
