12/08/2024 - 16/08/2024
What are my current goals?
- Finalize the engineering part of my transfer project (TA) by addressing SSH agent forwarding issues on Windows.
- Start the new semester at FFHS after the summer break.
- Explore a backup solution for the old Amanox SharePoints on Amazon S3.
What did I do?
The summer holidays are over, and classes at the FFHS have resumed. This week, I focused on advancing the practical part of my transfer project, which involves automating the update and migration process for WordPress Bitnami instances on AWS Lightsail. This tool aims to reduce recurring manual tasks for hosting administrators who manage WordPress environments on AWS Lightsail and has been made publicly available on GitHub so that others can benefit from it as well.
WordPress Bitnami instances on AWS Lightsail cannot have their LAMP stack components updated individually. To keep the environment up to date, a new Lightsail instance must be provisioned with the latest Bitnami image, followed by a content migration from the old instance. The tool I’ve developed automates this process using Terraform, with SSH agent forwarding to securely migrate data without moving private keys between servers.
The tool works well on Unix-based systems (I primarily use macOS). However, I encountered issues when attempting to run the same automation on a Windows machine. Specifically, Terraform’s remote-exec provisioner on Windows only supports Pageant as the SSH agent, while I planned to implement it with OpenSSH. This caused execution failures during the migration process.
To troubleshoot, I manually tested the SSH agent forwarding in PowerShell on Windows. After adding the private key to the agent and establishing an SSH connection from one remote instance to another, I was able to execute the necessary migration commands successfully. However, when trying to automate this process using Terraform, the provisioner failed because it only supports Pageant for SSH authentication on Windows. :-(
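The manual check described above can be scripted so that each hop is verified before any migration command runs. This is an added example, not code from the project's repository; the key path, host names and the `bitnami` login user are constructed placeholders, and it assumes the Windows OpenSSH client and agent are installed.

```powershell
# Constructed placeholders (assumptions, not values from this post).
$KeyPath = "$env:USERPROFILE\.ssh\lightsail_migration"   # private key, never leaves this workstation
$NewHost = 'bitnami@new-instance.example.com'             # freshly provisioned instance
$OldHost = 'bitnami@old-instance.example.com'             # instance being migrated from

# 1. The Windows OpenSSH agent runs as a service and may be disabled.
$svc = Get-Service -Name ssh-agent
if ($svc.StartType -eq 'Disabled') {
    Set-Service -Name ssh-agent -StartupType Manual       # requires an elevated session
}
if ($svc.Status -ne 'Running') { Start-Service -Name ssh-agent }

# 2. Load the key and confirm the local agent actually holds an identity.
ssh-add $KeyPath
ssh-add -l
if ($LASTEXITCODE -ne 0) { throw 'Local ssh-agent holds no identities.' }

# 3. Hop 1: connect with forwarding (-A) and list identities as seen from
#    the new instance. A non-zero exit means the agent was not forwarded.
ssh -A $NewHost 'ssh-add -l'
if ($LASTEXITCODE -ne 0) { throw 'Agent is not visible on the new instance.' }

# 4. Hop 2: from the new instance, reach the old one using only the
#    forwarded agent. BatchMode=yes fails instead of prompting for a password,
#    so success proves the forwarded key was used. accept-new trusts the old
#    host's key on first contact (an assumption; pin it in known_hosts if you can).
ssh -A $NewHost "ssh -o BatchMode=yes -o StrictHostKeyChecking=accept-new $OldHost hostname"
if ($LASTEXITCODE -ne 0) { throw 'New instance could not authenticate to the old instance.' }

# 5. Drop the identity from the agent once the migration is done, so the
#    key is not left loaded for later forwarded sessions.
ssh-add -d $KeyPath
```

While a forwarded session is open, anyone with root on the intermediate instance can use the agent socket to authenticate as you, so forward only to hosts you control and keep the session short.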
Aside from this engineering work, I also dealt with internal IT tasks related to backing up our old SharePoint sites from the Amanox tenant to Amazon S3. Initially, I considered using a Python script to download the data via the Microsoft Graph API and upload it to S3 with Boto3. However, the Graph API encountered issues with larger files, sometimes returning a 503 Service Unavailable error. I decided to switch to using Rubrik RSC for exporting the data archives and then uploading them to S3 using the AWS CLI (aws s3 sync), which proved to be a faster and more reliable solution.
How did I improve and what will I do differently from now?
The issues I encountered with SSH agent forwarding on Windows highlighted the importance of understanding platform-specific limitations when developing cross-platform tools. Unfortunately, it turned out once again that you can’t trust a tool like Terraform to work the same way on Windows as it does on macOS. In future, I will have to focus more on clarifying such inconsistencies in advance so that this can be known and avoided earlier.