Blog‎ > ‎

Locking, Deadlock, Backdoors, Learning, TOR, Concurency, Isolation, Ansible, Salt, MemSQL

posted Feb 7, 2015, 2:52 AM by Sami Lehtinen   [ updated Feb 7, 2015, 2:53 AM ]
  • Reminded my self about PostgreSQL explicit locking
  • It's interesting to see how some topics pop up again and again. One developer was wondering why everything is working well in his development environment. But hangs semi constantly in production. He didn't know about situation called a deadlock. See deadlock for dummies.
  • CPU backdoors - Post about potential hidden backdoors in CPU's. 
  • Why learning to code is so hard - Learning this take time, and people run into same 'tricky things' over and over again. Like the deadlock lock stuff above.
  • Once again encountered web designers dream. Absolutely horrible mobile site implementation. First I open page X from site, full size is completely loaded taking forever. Then there's a popup suggesting that I should use mobile site. Fine. I'll use it. Next thing I notice, I'm thrown back to the front page of of the site, and not to the mobile version of page X. I just don't get what kind of guys develope sites like this. There are multiple fails. Why to load full site? Why to show popup after loading it? Why to redirect user back to front page and so on. Hopeless. Let's see if they're able to fix it. And this site www.yrittajat.fi (Finnish entrepreneur site) isn't the only site which is designed so badly. I've seen multiple other sites too. I've even dropped some from my bookmarks, because I just hate crappy sites. Thank you so much for delivering very bad UX, wasting bandwidth, showing popups and finally frustrating users when they have to look for the article / page again. 
  • Updated my own mail system to use latest versions of postfix, dovecot, roundcube, gpg and so on. Also fixed issues with RoundCube date column field content which was empty with previous version even if time zone information was configured in php.ini for apache2 & RoundCube. Still using sqlite3 with RoundCube because it's actually optimal solution in this case. Compared to over heavy bloated database solutions. 
  • Dell server RAID controller blowed up. Good thing was that the customer as using RAID1. So I was able to recover data from disks directly without using the RAID controller at all. This is one of the benefits of RAID1 which might be forgotten at times. Recovering data from more exotic RAID configurations might be practically impossible. Was there a backup? No, why there would be, we're using redundant and reliable disk system. ;) - Business as usual. 
  • Read MongoDB 3.0 documentation and especially focused on $isolated operator -  - which allows modifying multiple embedded documents in single document. This is actually exactly how Google App Engine Datastore Collections work by default. As well as checked it's concurrency FAQ. - a “readers-writer” lock as “multi-reader” or “shared exclusive” lock.
  • Security Now #493, TOR Not So Anonymous - Again one of major problems with TOR is low latency as well as it doesn't protect against traffic confirmation attacks. 
  • Check out Practical Data Science in Python - It uses pandas, scikit-learn (sklearn), numpy. kw: Naive Bayes, Nearest Neighbour (kNN), Bagging (Random Forests). Nice charts, example data and code. Excellent resource if you need to bootstrap your Python data science.
  • There's a reason why donating to GPG is really important. Here's great article about it. - Maybe Wegner should just ask how much NSA would be ready to pay for trivial access to encrypted data. 
  • Still baffled how most developers and operations guys seem to think that sending email is so complex thing. They don't understand that some SMTP servers are firewalled and some other require credentials. Even as bonus to that, they don't understand how SPF works and why it can prevent recipients from receiving emails that some guys have forged by using unauthorized email services and so on. Same fun goes on, every year day after day. After endless discussions, results are poor and no basic understanding exists how things should be done. It's wonderful to notice how incredibly complex some simple things are. Another interesting things is that people don't understand that mail can be delivered directly to the recipient, there's no need to user SMTP relay server(s) when delivering email to single destination.
  • Received some pretty ridiculous offers from HP about system service. I wonder who said that Apple pricing is expensive? Ha, that's nothing compared to HP service pricing. 
  • Continued to check out different orchestration aka configuration management solutions. [ Ansible, SaltStack, Chec, Puppet Heat/HOT, Juju, BoxStarter & Chocolatey, Fabric, Invoke, Capistrano, Fabric, Func and Docker ]. Created and pushed one (private) test container to Docker Hub. 
  • Some projects do contain multiple complex dependencies which require compilation and installation. It would be easier to deliver everything in one Docker container ready to run.
  • SaltStack or Ansible? - Ansible and Salt: A detailed comparison - Still need more time to check these out, when required. Currently there's no real need to do it, but situation is starting to near the point where it would be helpful to have easy way to get everything installed. In most of cases ready image is used, so there's no need for configuring the system separately, but that's not always a viable option.
  • Based on quick checkes I might try BoxStarter and Ansible, those are very different solutions. So it remains to be seen which one is better for our needs. I assume both solutions require writing some custom PowerShell scripts to manage many of the the system security, access and so on related settings, but that's not a problem for me. 
  • Some cloud service providers like UpCloud - Got their own UpCloud API for managing virtual servers and resources.
  • Played with MemSQL for a few hours. - Offical MemSQL site - Nice, if you need it. In my case, I don't currently see any use. Database is database, and if I got something in memory, I most likely have it in some of the standard Python data structures or data in one primary dictionary and then link dictionaries to that main dictionary which 'index' the keys I need to look for in the primary dictionary. Works nicely sofar. MemSQL might simply soem of the multiprocess & sharding and synchronzation / transaction / locking stuff, but I haven't yet had any problems with those. 
  • PyPy 2.5.0 released which does include support for Python 3.2.5. I'm using for most of my projects the current 3.4 version, but often there's no reason why the code wouldn't run with Python 3.2.5 or PyPy, except a few native binary libraries which would require some work before being compatible.
  • Public NTP service (Finnish) provided in Finland by MIKES