This is great.

My Priorities for the Next Four Years —Schneier on Security “Like many, I was surprised and shocked by the election of Donald Trump as president. I believe his ideas, temperament, and inexperience represent a grave threat to our country and world.” https://www.schneier.com/blog/archives/2016/12/my_priorities_f.html

December 15, 2016 · 1 min · dschaaff

Terraform AMI Maps

Up until today we had been using a map variable in Terraform to choose our Ubuntu 14 AMI based on region.

    variable "ubuntu_amis" {
      description = "Mapping of Ubuntu 14.04 AMIs."
      default = {
        ap-northeast-1 = "ami-a25cffa2"
        ap-southeast-1 = "ami-967879c4"
        ap-southeast-2 = "ami-21ce8b1b"
        cn-north-1     = "ami-d44fd2ed"
        eu-central-1   = "ami-9cf9c281"
        eu-west-1      = "ami-664b0a11"
        sa-east-1      = "ami-c99518d4"
        us-east-1      = "ami-c135f3aa"
        us-gov-west-1  = "ami-91cfafb2"
        us-west-1      = "ami-bf3dccfb"
        us-west-2      = "ami-f15b5dc1"
      }
    }

We would then set the AMI ID like so when creating an EC2 instance.

    ami = "${lookup(var.ubuntu_amis, var.region)}"

The problem we ran into is that we now use Ubuntu 16 by default and wanted to expand the AMI map to contain its IDs as well. I quickly discovered that nested maps like the one below work. ...

December 2, 2016 · 2 min · dschaaff

Adventures in Ruby

I’m learning ruby. Finding time to work towards this goal is proving difficult but I’m forcing myself to use ruby wherever possible to aid in my learning. I’ll be putting some of my lame code on here to chronicle my learning and hopefully get some feedback on how I can improve things. I recently came across a good opportunity when I needed to generate a list of nodes to use with the puppet catalog preview tool ...

November 30, 2016 · 2 min · dschaaff

Using Puppet Catalog Preview with FOSS Puppet

We’re working to upgrade our infrastructure to Puppet 4 and are making use of the catalog preview tool to help identify code that needs to be updated. The preview tool in and of itself is handy, but the output it produces can be a bit daunting. During the “Getting to the Latest Puppet” talk at PuppetConf they pointed out a tool that professional services uses to create a nice HTML version of the output. Naturally I got excited to use this, but discovered it doesn’t properly work with open source Puppet due to some hardcoded Puppet Enterprise paths. Fortunately it was only 3 lines to update! My fork is here if it’s useful to others. ...

November 16, 2016 · 1 min · dschaaff

No Longer Barfing at the Mention of ChatOps

I’ve poked a lot of fun at chatops but I have found some value in portions of the practice. Let me state upfront that I do not believe paying attention to the chat room all day and having your attention interrupted non-stop is a productive or healthy practice. I have found some big benefits to “chatops”, however.

Visibility

Work that is done in the chatroom, or filtered into the chatroom, is visible to the whole team. This helps the team be aware of what others are doing and stay up to date. I’ve picked up on quite a few things from this that I wouldn’t have learned otherwise. This is also why we choose to route a fair amount of notifications into chat. For example, we have Jira connected to HipChat and it makes it really easy to stay on top of issues. We also push commit notifications, build notifications, etc. in the chatroom. The downside to this is that the rooms get noisy and make it harder to follow actual conversations between humans. One strategy we use to combat that is creating multiple rooms and focusing them around a subject. ...

November 11, 2016 · 3 min · dschaaff

Saving Credentials for Office 365 PowerShell Scripts and Scheduled Tasks

This is immensely useful, and has been a huge time saver. —Practical 365 “PowerShell is an efficient way to perform management tasks for Office 365, and also allows a great deal of automation through the use of PowerShell scripts to perform routine and repetitive tasks.” http://feeds.feedblitz.com//203571740/0/practical365Saving-Credentials-for-Office-PowerShell-Scripts-and-Scheduled-Tasks/

September 27, 2016 · 1 min · dschaaff

Thrice "1979" Smashing Pumpkins Cover Live @ SiriusXM // Octane - YouTube

This is excellent. https://m.youtube.com/watch?v=bRNJ9UVVZNY&feature=youtu.be

September 11, 2016 · 1 min · dschaaff

How to get to files that have been mounted over

You have a directory with data, and now you’ve mounted a volume over it. How do you get to the data in the underlying directory without interrupting the mounted volume? Bind mount to the rescue! Bind mount the directory to another path and you can manipulate the files in the underlying directory without disturbing the volume mounted atop it.

August 27, 2016 · 1 min · dschaaff

Digium Switchvox 6.3 Upgrade Issues

I ran into issues upgrading two Digium Switchvox PBXs to version 6.3 last night where they would no longer register with our SIP provider after the upgrade. Not a fun way to end a maintenance window. In both cases this was caused by differences in the new version of Asterisk running under the hood (v13). Under the old versions we were required to configure the Proxy Host under the VoIP provider settings. After upgrading to 6.3 the proxy host setting caused the registration with our provider to fail. There wasn’t anything in the release notes pointing directly to this change but Digium support pointed it out. The best I can tell the behavior was likely introduced in version 6.1 (we upgraded from version 5 directly to 6.3). After removing the proxy host setting from the VoIP provider config in the Digium we were able to successfully register and make calls. ...

August 19, 2016 · 1 min · dschaaff

OpenVPN and ec2 Jumbo Frames

While troubleshooting site-to-site links running OpenVPN recently I ran into an issue with MTU sizing on the ec2 end. When we originally set up the links we followed the performance tuning advice found here. The relevant portion is that we set

    tun-mtu 6000

Why did we do this? Here’s OpenVPN’s explanation:

“By increasing the MTU size of the tun adapter and by disabling OpenVPN's internal fragmentation routines the throughput can be increased quite dramatically. The reason behind this is that by feeding larger packets to the OpenSSL encryption and decryption routines the performance will go up. The second advantage of not internally fragmenting packets is that this is left to the operating system and to the kernel network device drivers. For a LAN-based setup this can work, but when handling various types of remote users (road warriors, cable modem users, etc) this is not always a possibility.”

During later testing we discovered that we could easily push 40mb/s over the OpenVPN tunnel into the ec2 instance, but only 1mb/s or less going the opposite direction. Obviously not ideal. ...

August 16, 2016 · 2 min · dschaaff