-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Overall, I think in an article that focuses on cloud computing (specifically AWS) there's too much time being spent in the local command line of a server.
It's an especially revealing sentence when the authors says that "Most attacks won’t be against what we’ve covered in this guide, but against the applications you install next. Properly done, containers can limit the impact."
If we are running containerized applications and we are already in the cloud, why are we futzing around on the command line of a Linux box? Why are we not using a cload orchestrator that abstracts the OS from the equation entirely?
If we do have a need to be on a bare Linux box, all of this OS configuration is better handled with cloud init [1], a configuration management tool like Ansible, and/or by building an image with Packer.
I know that seems like overkill for a small hobby reluctant sysadmin project type of deal but it's very little extra effort once you get used to the workflow. I would even recommend putting this infrastructure in Terraform even though, again, it seems like overkill at first.
Someone else in the comments mentioned that it's easier to just start with a hardened image from the AWS Marketplace, and I also agree with that idea. Find a free hardened image and make that the base for your system.
[1] https://cloud-init.io