在「Migrating to MySQL 8.0 without breaking old application」這邊看到這個有趣的故事 XD 這是作者的應用程式 Drupal 從 MySQL 5.5 一路升級到 8.0 的過程記錄...
真正的問題發生在 5.7 到 8.0：
原因是 Drupal 用到關鍵字了：
In fact, this old Drupal, uses a table name that is now part of the reserved keywords. It’s always advised to verify what are the new keywords reserved for MySQL itself. New features can also mean new keywords sometimes.
話說依照「File:Drupal release timeline.png」這邊的資訊，Drupal 6.2 也十年左右了？應該是 PDO 剛開始要推廣的年代，不知道他跑哪個版本的 PHP...
另外 MySQL 的升級意外的順利？雖然是一步一步升，但沒遇到什麼大問題...
忘記在哪邊看到的，分析 Android APK 檔的軟體：「Droidefense: Advance Android Malware Analysis Framework」。
Droidefense (originally named atom: analysis through observation machine)* is the codename for android apps/malware analysis/reversing tool. It was built focused on security issues and tricks that malware researcher have on they every day work. For those situations on where the malware has anti-analysis routines, Droidefense attemps to bypass them in order to get to the code and 'bad boy' routine. Sometimes those techniques can be virtual machine detection, emulator detection, self certificate checking, pipes detection. tracer pid check, and so on.
Droidefense uses an innovative idea in where the code is not decompiled rather than viewed. This allow us to get the global view of the execution workflow of the code with a 100% accuracy on gathered information. With this situation, Droidefense generates a fancy html report with the results for an easy understanding.
看起來是輔助用的工具... 先記錄下來 XD
AWS WAF 推出了隨時更新的 Managed Rule：「Ready-to-Use Managed Rules Now Available on AWS WAF」。
這些 ruleset 是由 3rd-party 提供的：
Choose from preconfigured RuleGroups provided in the AWS Marketplace by industry leading security experts: Alert Logic, Fortinet, Imperva, Trend Micro and TrustWave.
Rules are automatically updated as new threats emerge and offer a wide range of protections, including OWASP Top 10 mitigations, bad-bot defenses, and virtual patching against recent CVE’s.
Each RuleGroup is the product of a Seller’s unique expertise, made available to you at an affordable pay-as-you-go price.
在 AWS Marketplace 的「Managed Rules for AWS WAF - Web Application Firewall」裡拿兩家來看看。
趨勢的「Trend Micro Managed Rules for AWS WAF - WebServer (Apache, Nginx)」與「Trend Micro Managed Rules for AWS WAF - Content Management System (CMS)」都是：
Charge per month in each available region (pro-rated by the hour) $5.00 / unit
Charge per million requests in each available region $0.20 / unit
而 Imperva 則是提供不一樣的選擇，在「Imperva - Managed Rules for WordPress Protection on AWS WAF」是：
Charge per month in each available region (pro-rated by the hour) $30.00 / unit
Charge per million requests in each available region $0.60 / unit
而「Imperva - Managed Rules for IP Reputation on AWS WAF」則是：
Charge per month in each available region (pro-rated by the hour) $40.00 / unit
Charge per million requests in each available region $0.40 / unit
AWS 應該是希望大家趕快把能換的 ELB 都換成新的 ALB 與 NLB，所以推出這個功能：「New One-step Migration Wizard to Migrate a Classic Load Balancer」。
Today, AWS announced the ability to migrate from a Classic Load Balancer to an Application Load Balancer or a Network Load Balancer in one step using a console-based migration wizard.
不過 ELB 有一些功能是目前 ALB 與 NLB 沒有的，像是一般性的 SSL offload (而非 HTTPS offload)，以及舊客戶會有的 EC2-Classic：
月初的時候 AWS ALB 支援 IP address 當後端 (AWS ALB 可以設定 IP address 當作後端伺服器了)，然後推出 AWS NLB (AWS 推出新的 Load Balancer：NLB (Network Load Balancer))，然後這個功能也被做到 NLB 上了：「Elastic Load Balancing: Network Load Balancer now supports load balancing to IP addresses as targets for AWS and on-premises resources」。
就如同說明的，這樣可以透過 VPN 架構 (無論是 AWS Direct Connect 或是一般的 IPsec VPN) 共用機房與雲端上的資源：
We are pleased to announce that Network Load Balancers can now distribute traffic to AWS resources using their IP addresses as targets in addition to the instance IDs. You can now also load balance to resources in on-premises locations reachable over AWS Direct Connect and resources in EC2-Classic. Load balancing across AWS and on-premises resources using the same load balancer makes it easy for you to migrate-to-cloud, burst-to-cloud, or failover-to-cloud.
除了中國區以外的 region 都可以用這個功能了：
Load balancing using IP addresses is available today for existing and new Network Load Balancers in all public AWS regions except the China (Beijing) region. You can get started using the AWS Management Console, AWS Command Line Interface (CLI), or AWS SDK.
大概是有時候 cluster 太小，ELB 或是 ALB 的費用反而比 cluster 還貴，再加上 ALB 提供起來算方便，所以就推出這樣的功能了：「New – Host-Based Routing Support for AWS Application Load Balancers」。
Host 欄位決定導到不同的 cluster 上了：
然後讓 ALB 可以設的 rule 數量增加：
As part of today’s launch we are raising the maximum number of rules per Application Load Balancer from 10 to 75, and also introducing a new rule editor.
AWS 總算是進入全面支援 IPv6 了：「AWS IPv6 Update – Global Support Spanning 15 Regions & Multiple AWS Services」。
之前不少服務都支援了，主要是差 EC2 與新出的 ALB，這一次大量服務都上了 IPv6 (但還不是全部)，算是讓 AWS 正式進入 IPv6 的世界：
Today I am happy to share the news that IPv6 support for EC2 instances in VPCs is now available in a total of fifteen regions, along with Application Load Balancer support for IPv6 in nine of those regions.
Jenkins 的 Blue Ocean 計畫打算改善讓人頭痛很久的操作體驗了：
Blue Ocean is a new project that rethinks the user experience of Jenkins.
Jenkins 讓人頭痛有兩個面向，一個是界面很難讀，另外一個是操作流程很沒有規則，所謂「熟悉 Jenkins」其中一個很艱難的任務就是要背下一堆功能「蔵在哪邊」。而這次 Blue Ocean 想改善的事情看起來主力放在界面，對於流程修的比較少... 即使如此，這還是可以讓使用的人減少一些痛苦就是了...
在專案頁面的後面有提到 Blue Ocean 用的技術：
又是個不需要用 SPA 呈現的東西跑去用 React 了...
前幾天跟 AWS 的人開會的時候得知 ALB 的 beta program，今天就看到正式公開的消息了：「New – AWS Application Load Balancer」。
最主要的是對 WebSockets 與 HTTP/2 的支援，這個需求都喊很久了：
WebSocket allows you to set up long-standing TCP connections between your client and your server. This is a more efficient alternative to the old-school method which involved HTTP connections that were held open with a “heartbeat” for very long periods of time. WebSocket is great for mobile devices and can be used to deliver stock quotes, sports scores, and other dynamic data while minimizing power consumption. ALB provides native support for WebSocket via the ws:// and wss:// protocols.
HTTP/2 is a significant enhancement of the original HTTP 1.1 protocol. The newer protocol feature supports multiplexed requests across a single connection. This reduces network traffic, as does the binary nature of the protocol.
另外是 url routing，不過目前看起來只能設 10 條，我猜可以問問能不能加吧：
An Application Load Balancer has access to HTTP headers and allows you to route requests to different backend services accordingly. For example, you might want to send requests that include /api in the URL path to one group of servers (we call these target groups) and requests that include /mobile to another. Routing requests in this fashion allows you to build applications that are composed of multiple microservices that can run and be scaled independently.
As you will see in a moment, each Application Load Balancer allows you to define up to 10 URL-based rules to route requests to target groups. Over time, we plan to give you access to other routing methods.
再來是改善了之前抱怨很多的 health check：
Application Load Balancers can perform and report on health checks on a per-port basis. The health checks can specify a range of acceptable HTTP responses, and are accompanied by detailed error codes.