Mail Basics — about MX records, A records, TXT records etc

CF. MailEnable Setup
Prerequisites >>
- install software on a Master Server
- Need A record of mail.Master Server
- Need MX record of mail.Master Server
- IIS needs to route traffic to the Master Server (for web console client)

Attaching EFS to Rocket Chat or MongoDB instance
1. Beware of the Security groups
2. Install nfs-utils: yum install nfs-utils (to mount via NFS)
- you can mount via NFS, the EFS helper (DNS), or by IP
3. Execute the command: mount -t nfs4 -o XXXXX:/ /where/you/want/to/mount (on local)
- to unmount: umount /where/you/mounted/on/local

  • * You should not mount where there are existing files (they will disappear until you umount) — just like a room, overridden by a new room
  • * Permissions on docker containers!
    ex. Docker container /app/uploads
    mount to Local /uploads — mounted with EFS /uploads
    *** need to MOUNT EFS and then change /uploads (permissions)…

First Create Active Directory in AWS
- XXX.com (type in like a domain name)
- 2 Availability zones

Create Master Server EC2

  • add this computer to the domain !
    ( System Properties > Computer Name Domain > Add the domain)
    - If cannot find domain -> need to add the domain name(or IP) in the computer network configurations
    - To avoid this you can click on “domain add” during EC2 provisioning
  • ncpa.cpl (network control panel A) : network and internet > network connections
  • Ethernet > properties > IPV4 click > properties
  • You need to type in DNS server manually (DHCP settings )…

  • How to check ports running (used ports)
    netstat -ab
  • Cp command
    copy DIRECTORY/filename DIRECTORY/tofilename
  • View file (=cat)
    type <filename>
  • Set environment variable (export $XXX)
    for /f %i in ('<command>') do setx RELEASE_VERSION %i /M
  • 2 commands at once
    - If you want to run them together (without sequence)
    : <command> & <command>
    - If you want to run them in sequence (dependency)
    : <command> && <command>
  • How to redirect/configure IP tables
    <OPEN FIREWALL>
    : netsh advfirewall firewall add rule name="HTTPS port" dir=in action=allow protocol=TCP localport=443
    <REDIRECT TRAFFIC>
    : netsh interface portproxy add v4tov4 listenport=443 connectport=8080 connectaddress=127.0.0.1
  • In the resource (EC2), you should provide the security group ID instead of the actual security group name, or it will throw a parameter group error
  • If you launch an AMI with Windows, the administrator password will be the same, and you will not be able to retrieve a new Windows password
  • AWS::CloudFormation::WaitCondition is to WAIT until the configuration steps are done, before announcing the EC2 creation complete!
    Must be used together with WaitConditionHandle
  • If you use a custom AMI image, User data will probably not be executed, since it's already started
  • Every command in the “init:config” section will wait 60 seconds for a reboot unless “waitAfterCompletion: 0” is specified

AWS Secrets Manager
→ create the key — could be RDS, DynamoDB, or custom
→ Put in any <key> <value> pair

How to access :
1. via program code ex. require(aws)
2. via CLI command line
this will output a JSON format of file

  • Prerequisite
    - aws configure (login to AWS with right user)
    # Need to add in Secret Key & Secret Access Key
    - Need to create git-lab user to access in IAM
    # 1. create gitlab-user
    # 2. Add policy “secretsmanager:GetSecretValue”
    { "Version": "2012-10-17",
    "Statement": [
    { "Sid": "GitlabCiPolicy",
    "Effect": "Allow",
    "Action": [
    "secretsmanager:GetSecretValue" ],
    "Resource": "*"…
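
The policy above pairs secretsmanager:GetSecretValue with "Resource": "*", which lets the GitLab user read every secret in the account. As an added example (not from the original post), this check flags Allow statements that grant that action on a wildcard resource and passes the same statement once it is scoped to one secret; the region, account ID and secret name in the scoped ARN are constructed placeholders.

```python
import fnmatch
import json

SENSITIVE_ACTION = "secretsmanager:GetSecretValue"

def _as_list(value):
    # IAM accepts a single string or a list for Action and Resource.
    return [value] if isinstance(value, str) else list(value)

def _grants(patterns, action):
    # Action patterns are case-insensitive and may contain * or ? wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def _is_broad(resource):
    # Broad means "*" or a Secrets Manager ARN whose secret name is only "*".
    if resource == "*":
        return True
    parts = resource.split(":", 6)  # arn:partition:service:region:account:secret:name
    return len(parts) == 7 and parts[2] == "secretsmanager" and parts[6] == "*"

def find_overbroad_secret_reads(policy_json):
    """Return Sids of Allow statements that let the principal read any secret."""
    statements = json.loads(policy_json)["Statement"]
    if isinstance(statements, dict):  # a lone statement may be a bare object
        statements = [statements]
    findings = []
    for index, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow" or "Action" not in stmt:
            continue
        if not _grants(_as_list(stmt["Action"]), SENSITIVE_ACTION):
            continue
        if any(_is_broad(r) for r in _as_list(stmt.get("Resource", []))):
            findings.append(stmt.get("Sid", f"statement[{index}]"))
    return findings

def make_policy(resource):
    # Constructed sample using the Sid and action from the page's policy.
    return json.dumps({"Version": "2012-10-17", "Statement": [{
        "Sid": "GitlabCiPolicy", "Effect": "Allow",
        "Action": ["secretsmanager:GetSecretValue"], "Resource": resource}]})

WIDE = make_policy("*")  # the wildcard form shown on the page
# Placeholder region, account ID and secret name; "-??????" covers the random
# six-character suffix Secrets Manager appends to secret ARNs.
SCOPED = make_policy("arn:aws:secretsmanager:us-east-1:111122223333:secret:gitlab/ci-??????")

if __name__ == "__main__":
    print("wide:  ", find_overbroad_secret_reads(WIDE))
    print("scoped:", find_overbroad_secret_reads(SCOPED))
```
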

Cache vs Artifacts

  • Cache are globally defined
    if you cache .m2/repository → all the later stages/jobs will have that repo by default
  • Artifacts are defined within a “stage”
    if you make .m2/repository artifact → all the jobs in the SAME STAGE will start with that repo
    — but if different stage, will not pass through
  • stage vs job
    stage is what you define in beginning (test, deploy, build)
    and jobs make up the stage (job is the granular definition for gitlab)
    **** Jobs are run concurrently in the same stage
  • Stage, Job best practices : https://medium.com/@ryzmen/gitlab-fast-pipelines-stages-jobs-c51c829b9aa1
  • if you want to…

Standard process
git status
git add .
git commit -m "new change"
git push [repository name]

How to push to branch
git status
lets you check which branch you’re on
git branch OR git branch --list
git branch june
git checkout june

How to pull ONLY a branch repo
git clone -b june <repo url>

If there is no “REMOTE” repository but have “local” repository
will get error that there is no upstream branch
git push --set-upstream origin[repositoryname] june

How to check origin (=remote branch)
git remote -v
git remote set-url origin new.git.url/here

When your instance fails to create
— Because they failed to create specific resources (security group, route53)
— Because the success health check signal didn’t come through for a certain time → This doesn’t give you much info about error
(Mostly because of Metadata(cfn-init) or UserData)

Then How should we Troubleshoot?
* Turn off the “roll back” function
- So we can go into the instance to troubleshoot
→ ‘Stack Creation Option’ : Rollback — disable (When launching template)

Then SSH into instance and Check — Metadata, Userdata, etc
* /var/log/cfn-init.log
* Check User Data Script : cat /var/lib/cloud/instance/scripts/part-001

June Chung
