Page 2 of 27

Great notes on development

https://blog.juliobiason.net/thoughts/things-i-learnt-the-hard-way/

The meaning of “phlpwcspweb3” or why you should not do abbreviations in the code

“phlpwcspweb3”  is found at the “Amazon Web Services – Tagging Best Practices

From what I see this is something related to web, and probably there are at least 3 instances of that kind.

According to AWS this should be meaningful hostname.

If you have decoded this you probably do not need to read further….

Continue reading

HTTPS Connections counting

Here is how one can setup a nginx to count the https connections made.

Preparation

Create a new folder

mkdir ~/docker_ssl_proxy
cd ~/docker_ssl_proxy

Put a dummy entry in your /etc/hosts file

127.0.0.1 YOURDOMAIN.com

Steps

First generate certificate

openssl req -subj '/CN=YOURDOMAIN.com' -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365

create a new file something.conf with the following content

server {
  listen 4000 ssl;
  ssl_certificate /etc/nginx/conf.d/cert.pem;
  ssl_certificate_key /etc/nginx/conf.d/key.pem;

  # access_log /dev/stdout;
  access_log  /var/log/nginx/access.log;
  error_log /var/log/nginx/error.log;

  location / {
      return 200 'With style!';
      add_header Content-Type text/plain;
  }


}

Then run the docker with

docker run --rm -v `pwd`/logs:/var/log/nginx -v `pwd`:/etc/nginx/conf.d -p 4000:4000 nginx

Get the cacert

echo quit | openssl s_client -showcerts -servername server -connect YOURDOMAIN.com:4000 > cacert.pem
curl --cacert cacert.pem https://YOURDOMAIN.com:4000/ -d 'hello world'

And finally do some connections

go-wrk  -c=400 -t=8 -n=10000 -m="POST" -b='{"accountID":"1"}'  -i https://YOURDOMAIN.com:4000

 

Abbreviations lower our performance

I don’t know why people started doing abbreviations, maybe in the past, the bytes were expensive. I suppose life was harsh and there was no enough food for all and the way they named their programs and variables is mirroring their life. Nowadays we have enough goods and time and free space everywhere and we still name our variables/etc. like we are at the dark ages.

My point is that when we are solving some problem is good to have all neurons of our brain to work solving the problem. If we have to decrypt variables, our project structure is not good, we haven’t used with our editor then we are putting bariers which block us of seeing the best solution because our brain is dedicating 5-10% of its power for nonsense.

I am not saying that we should use full sentences of naming the variables/methods/classes/packages/programs. Only that we do not need to spent time decrypting the abbreviation.

I would love to see an operating system where there is no hackish syndrome.

In the cloud

AWS give examples in their documentation with hackish. How it is possible AWS to have so high expectations for hiring developers and let them act as a woodcutter.

The load balancer names in AWS have a size limit in their names so you that you can have YOUR-APP-us-east-1-production load balancer. You have to name it Your-APP-us-east-1-prod.

At Home

My son is learning his computer language and yesterday he asked me what do the method Intn(n Int) – I can’t answer.

“Mom brg me sndwch!”

At Work

Here are some very popular examples

  • dev > development
  • prod > production
  • ctx, ctx > context vs
  • obj > object

Linux

Do you know why we write “mount” to mount some file system, and “umount” to unmount? Why?

The opposite command “mount” is not abbreviated to “mnt” or even “mt”. This inconsistency is crazy!

For RobotsFor Humans
lsblkblock-devices
mountunmount

Running chef test-kitchen with newer vagrant

If you get

VBoxManage: error: The specified string / bytes buffer was to small. Specify a larger one and retry. (VERR_CFGM_NOT_ENOUGH_SPACE)

This means that the virtual machine needs a shorter name for the VM.

---
driver:
  name: vagrant
  customize:
    name: pdcsmb
    memory: 4144
    cpus: 4
  network:
    # - ["forwarded_port", {guest: 3000, host: 3000}]
    # - ["private_network", {ip: "192.168.33.33"}]

Bonus tip:

If you get

No live threads left. Deadlock?

Then remove all gems and reinstall chefdk.

Export database tables, fields comments as markup with Ruby on Rails

When you have to export the comments from the database you can use this short snippet to get the schema as markup.

content = ""
database_name = "DATABASE_NAME"
ActiveRecord::Base.connection.tables.each do |table_name|
  content << "h5. #{table_name}\n"
  rows = ActiveRecord::Base.connection.execute("SELECT table_comment 
    FROM INFORMATION_SCHEMA.TABLES 
    WHERE table_schema='#{database_name}' 
        AND table_name='#{table_name}';");
  puts rows.to_a.inspect
  content << rows.to_a.first.first << "\n"

  rows = ActiveRecord::Base.connection.execute("select table_name, column_name, DATA_TYPE, column_comment from INFORMATION_SCHEMA.COLUMNS where 1 AND TABLE_SCHEMA='#{database_name}' AND TABLE_NAME = '#{table_name}'")
  rows.each(:as => :hash) do |row| 
    puts row.inspect
    j = [ row["column_name"], row["DATA_TYPE"], row["column_comment"] ]

    content << "|#{j.join('|')}|\n"
  end
end; ''
puts content

The output should be something like

Table name

table description

column name, type, description

….. the next table

Running chef kitchen with cookbook dependencies

Berksfile

source 'https://supermarket.chef.io'

metadata

group :test do
  cookbook 'company_firewall', path: "../company_firewall"
  cookbook 'company_nginx', path: "../company_nginx"
  cookbook 'company', path: "../company"
  cookbook 'data-incoming', path: "../data-incoming"
  cookbook 'aws', path: "../aws"
end

metadata.rb

name             'data-listener'
maintainer       'Company'
maintainer_email 'sd@company.com'
license          'All rights reserved'
description      'Installs/Configures data-listener'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
version          '0.2.32'

depends 'sysctl', '~> 1.0.5'
depends 'copany_firewall'
depends 'company_nginx'
depends 'aws'

 

Restrict /manage or /admin in Rails

You can do it from the Ruby on Rails application or even better way is to do it where you define your infrastructure and configure your proxy/loadbalancer etc. to allow it.

constrains manage
  class Whitelist
    def matches?(request)
      vpn = IPAddr.new("10.1.0.0/16")
      return true if Rails.env.development? || vpn.include?(request.remote_ip)

      Rails.logger.info("Blocking access for #{request.remote_ip} to #{rifiniti_vpn}")
      false
    end
  end

  constraints Whitelist.new do
    namespace :manage do
	...protected
    end
  end

 

mdadm: Duplicate MD device names in conf file where found.

remove the doublicate file from /etc/mdadm/mdadm.conf

cp mdadm.conf mdadm.conf.backup
grep -v "2 UUIDsomehing..." mdadm.conf.backup > mdadm.conf

Make sure the raid is up

mdadm --assemble --scan

Load the lvm volumes

lvm vgchange -ay
  • -a – activate
  • -y – complete

exit to try the changes

$(initramfs) exit

Now you system will boot

Making the changes permanent

Fix the /etc/mdadm/mdadm.conf file by removing the duplicate definition.

update-initramfs  -u -k all

If you are still in initramfs busybox

mkdir /target
mount /dev/md1 /target
mount -o bind /dev /target/dev
mount -o bind /proc /target/proc
mount -o bind /sys /target/sys
mount -o bind /dev/pts /target/dev/pts
chroot /target /bin/bash

Cheat

mdadm –detail /dev/md0 mdadm –detail /dev/md1

mdadm –detail –scan > /etc/mdadm/mdadm.conf

Stop an array & assemble array mdadm –stop /dev/md1

mdadm –assemble /dev/md0 /dev/sda1 /dev/sdb1 /dev/sdc1 /dev/sdd1 mdadm –assemble /dev/md1 /dev/sda2 /dev/sdb2 /dev/sdc2 /dev/sdd2

 

38693387_2127079967530580_4018998239729549312_n (1)

Run kitchen with vaults

Way of testing kitchen with vaults

608bhtga3m_5v2so6hi74_vc102292

suites:
  - name: default
    run_list:
      - recipe[....
    data_bags_path: ../../data_bags_test
    attributes:
      chef-vault:
        databag_fallback: true

copy your data_bags/ and decrypted vaults/ content in a new folder containing the merged content from both folders.

Do not forget to add data_bags_test folder in .git_ignore.

 

image from www.wannapik.com

© 2020 Gudasoft

Theme by Anders NorénUp ↑