January 27, 2012


Adam Olsen
The Lute Saga

In December, 2007, I was watching the History Channel, like I often did at the time. I’m not sure what show was on, but the episode was, I think, about ancient instruments and early music.

This sparked a wikipedia session, where I looked up the origins of my own favorite instrument, the guitar. I found out about one of the guitar’s cousins, the Lute. I wondered if people still played it, and looked it up on YouTube.

I immediately fell in love. I liked everything about it. I loved the music, I loved the idea that it was an instrument that people played for hundreds of years. I loved the way the intrument itself looked. I loved to listen to it and close my eyes, and to be transported to that time in the past. Maybe people dancing at a masquerade ball to the music (though, I don’t know if that ever happened, or could have happened, being that the lute is a very quiet instrument).

Anyway, the point is, I was hooked right away. I started trying to find out how I could get one. Not an easy task, as only a small group of people play them these days, and an even smaller group make them. In general, you have to get on a luthier’s waiting list, pay him a bunch of money, and hopefully you’ll get a lute at some point.

After looking around some, I found a lute player that lived here in Salt Lake City, and called him up. I went and visited him, and saw some real life Baroque Lutes in person.

Eventually I picked a luthier to make me one, payed the deposit, and got on his waiting list. After two years of waiting, I got an email from him saying that he had injured his hand, and would no longer be making lutes. He sent back my deposit, and I was back at square one.

I looked around some more for a while, on and off. I never did get on another waiting list. Lots of other things were going on in my life (having a kid, moving to and from Seattle, etc).

In December last year, 4 years after I had originally decided I needed a lute, I found a luthier that was making the type of lute I wanted (a 13 course Baroque Lute), and didn’t have a buyer for it yet. I jumped on board, and sent him the deposit.

This brings us to right now. As of today, I’ve completely paid for the expensive instrument, he’s done making it, and it’s just waiting in his workshop in New Zealand for the case to come in so he can ship it to me.

I’m sure there’ll be more Lute posts in the future, but for now, here’s a picture he sent to me:

January 27, 2012 07:24 PM

Ryan Byrd
BASH push/deployment scripts which scp files from staging to production

developers have sandboxes with code checked out from svn. they develop code there. once it’s good, they check code in and then update the staging server with that new code. it’s tested there by QA. once QA signs off, then those specific files are pushed out to the production servers by the release manager by running the pshfiles.sh script. the script pushes to one or all servers, emails the dev team, logs the push, checks the servers afterwards for health and clears the zend cache.

[deployer@staging ~]$ cat pshfiles.sh
#!/bin/bash
if [ "$1" == '' ]; then
   echo "Usage: pshfiles.sh [file_name_with_files_in_it] [server_name]"
else
SERVER=$2
if [ "$SERVER" == "all" ]; then
SERVERLIST=( web1 web2 web3 )
else
SERVERLIST=( $SERVER )
fi
 
for SERVER in ${SERVERLIST[@]}
do
   while read line; do
      echo "psh $line $SERVER"
      pshonenocache $line $SERVER
   done < $1
done
 
FILESPUSHED=`cat $1`
sendEmail.pl -s smtp.example.com -f deployer@example.com -m "these files were pushed: \n $FILESPUSHED" -xu deployer@example.com -t devteam@example.com -xp password -u "Code pushed to $2"
 
echo "Clear Zend cache?"
read ZEND
if [ "$ZEND" == "y" ] || [ "$ZEND" == "Y" ]; then
/usr/bin/clroptcache $2
fi
 
fi

where pshonenocache is:

[deployer@staging ~]# cat /usr/bin/pshonenocache
#!/bin/bash
TODAY=`date '+%Y-%m-%d %H:%M'`
if [ "$1" == '' ]; then
   echo -n "Which File?"
   read -e FILENAME
else
   FILENAME=$1
fi
 
if [ "$2" == '' ]; then
   echo -n "Which Server? (web1,web2,web3,all) : "
   read -e SERVER
else
   SERVER=$2
fi
 
if [ "$SERVER" == "all" ]; then
SERVERLIST=( web1 web2 web3 )
else
SERVERLIST=( $SERVER )
fi
 
for SERVER in ${SERVERLIST[@]}
do
        if [ -e $FILENAME ]; then
                echo -e "$TODAY: Company SOURCE Update ONE FILE: \tscp $FILENAME deployer@$SERVER:$FILENAME" | tee -a ~/updateLogs/$SERVER-updates.log
                scp $FILENAME deployer@$SERVER:$FILENAME
        fi
 
done
/usr/bin/checkwebservers

where checkwebservers is:

[deployer@staging~]$ cat /usr/bin/checkwebservers
#!/bin/bash
echo -n "Checking Web Servers after PSH: "
SERVERSTATUS=`wget -qO- http://example.com/checkServersStatus.html|grep "All is Well"|wc -l`
DETAILEDSTATUS=`wget -qO- http://example.com/checkServersStatus.html`
 
if [ "$SERVERSTATUS" != "1" ]; then
        echo "CRITICAL - one of the web servers isn't well: $DETAILEDSTATUS"
else
        echo "OK - The webservers look good"
fi

and clroptcache is

[deployer@staging ~]# cat /usr/bin/clroptcache
#!/bin/bash
 
if [ "$1" == '' ]; then
   echo -n "Which Server?( web1,web2,web3,all) : "
   read -e SERVER
else
   SERVER=$1
fi
 
if [ "$SERVER" == "all" ]; then
SERVERLIST=( web1 web2 web3 )
else
SERVERLIST=( $SERVER )
fi
 
for SERVER in ${SERVERLIST[@]}
do
        echo -e "Clearing Zend Optimizer Cache on $SERVER \n"
        if [ "$SERVER" == "web1" ]; then
                wget -qO- http://10.10.10.1/cacheclear.php | cat
        fi
        if [ "$SERVER" == "web2" ]; then
                wget -qO- http://10.10.10.2/cacheclear.php | cat
        fi
        if [ "$SERVER" == "web3" ]; then
                wget -qO- http://10.10.10.3/cacheclear.php | cat
        fi
done

sometimes (rarely) you might want to push ALL files. then you use the psh script:

[deployer@server ~]# cat /usr/bin/psh
#!/bin/bash
TODAY=`date '+%Y-%m-%d %H:%M'`
if [ "$1" == '' ]; then
   echo -n "Which Server? (web1,web2,web3,all) : "
   read -e SERVER
else
   SERVER=$1
fi
 
echo "run PHP Lint check first? (on files modified during last X days?)"
read -e LINT
if [ "$LINT" == "y" ] || [ "$LINT" == "Y" ]; then
echo "how many days?"
read DAYS
cd /classes && find -name "*.php" -mtime -$DAYS -exec /usr/local/zend/bin/php -l {} \;
fi
 
if [ "$SERVER" == "all" ]; then
SERVERLIST=( web1 web2 web3 )
else
SERVERLIST=( $SERVER )
fi
 
for SERVER in ${SERVERLIST[@]}
do
echo -e "$TODAY: Company SOURCE Update:" | tee -a ~/updateLogs/$SERVER-updates.log
echo "Updating $SERVER..." | tee -a ~/updateLogs/$SERVER-updates.log
echo "Command DRY Run:" | tee -a ~/updateLogs/$SERVER-updates.log
rsync -avczne ssh /classes/ $SERVER:/classes/ --links --exclude-from "/home/deployer/rsync_exclude.txt" | tee -a ~/updateLogs/$SERVER-updates.log
rsync -avczne ssh /var/www/ $SERVER:/var/www/ --links --exclude-from "/home/deployer/rsync_exclude.txt" | tee -a ~/updateLogs/$SERVER-updates.log
echo -n "Press Y to Accept This Change : "
read dec
if [ "$dec" == "Y" ]; then
        rsync -avcze ssh /classes/ $SERVER:/classes/ --links --exclude-from "/home/deployer/rsync_exclude.txt" | tee -a ~/updateLogs/$SERVER-updates.log
        rsync -avcze ssh /var/www/ $SERVER:/var/www/ --links --exclude-from "/home/deployer/rsync_exclude.txt" | tee -a ~/updateLogs/$SERVER-updates.log
 
else
   echo 'Command NOT Accepted' | tee -a ~/updateLogs/$SERVER-updates.log
fi
 
echo "Done!" | tee -a ~/updateLogs/$SERVER-updates.log
 
done
 
echo "Clear Zend cache?"
read ZEND
if [ "$ZEND" == "y" ] || [ "$ZEND" == "Y" ]; then
/usr/bin/clroptcache $1
fi
 
/usr/bin/checkwebservers

what’s next? well, it would be nice to be able to revert pushes quickly. so perhaps taking a backup right before would be handy. otherwise, you have to rollback the svn commit and repush.

January 27, 2012 05:37 PM

Phil Windley
Podcatchers for Smartphones
IT Conversations Logo

As you might guess, given that I'm Executive Producer of IT Conversations, I like listening to podcasts. I'm also an iPhone user. Not to put too fine a point on it: iTunes sucks rocks for listening to podcasts. The problem is mostly that iTunes has a crappy interface for subscribing to and managing podcasts. It also downloads only one episode per day, with no way to change the defaults. Moreover it will stop downloading podcasts that you haven't listened to for a while and you have to remember to go in an start it up. I started feeling like I had to "take care of iTunes" like it was a recalcitrant pet or something.

For some reason, it never really occurred to me to download an app for listening to podcasts, although I've downloaded several single purpose ones (like the This American Life app). Then Paul Figgiani introduced me to Downcast. I'm in love. I no longer have to fight iTunes and all my favorites are right there waiting for me to listen to them when I go for a walk or drive to work. The interface is good, with plenty of controls for skipping forward and back or adjusting the playback speed. I also like the built-in "share" features although I wish they allowed me to customize the default text for the share.

Unfortunately, Downcast isn't available on Android. I have an Android tablet (Galaxy Tab) that I've used Google Listen on. It's a functional podcatcher, albeit a little bare-boned compared to Downcast: no speed or skipping controls and no built-in sharing.

So, go grab Downcast, plug in the IT Conversations feed URL and enjoy great tech talks from the longest running podcast on the planet...no matter where you're at.

Tags: itconversations podcasting rss iphone android

January 27, 2012 04:20 AM

January 26, 2012


Adam Olsen
Site direction switch, and synicworld.com

I haven’t posted in forever. I have a bunch of things I want to post about, though, and I will continuing forward.

Thing is, a lot of these things I want to write about having absolutely nothing to do with the tech world, and I didn’t feel that it was appropriate to post non-techy things on “vimtips.org”.

So, I’ve registered a new domain, called http://synicworld.com, and that will be the new face of this blog. vimtips.org will still go here too, for now. Anyone want to buy it? :)

January 26, 2012 10:59 PM

January 22, 2012


Tom Hatch
Salt 0.9.6 is out!

Salt 0.9.6 is a fairly minor release, this release has been pushed to fix a few key issues with distribution packaging, as well as a few keys bugs.

Salt 0.9.6 also comes with a few great new features, including additions to the file.managed state, and some minion memory improvements.

It is also noteworthy that we have begun the process to move the documentation over to readthedocs.org and will be creating a community landing page at saltstack.org, and a corporate support and services page at saltstack.com.

The full release notes can be found on read the docs:

http://readthedocs.org/docs/salt/en/latest/topics/releases/0.9.6/

The source can be downloaded via github:

https://github.com/downloads/saltstack/salt/salt-0.9.6.tar.gz

 


January 22, 2012 06:18 AM

January 20, 2012


Jared Smith
Thoughts on Progress

I tend to measure the success of an tech event (such as FUDCon) not by how many people show up or what talks were given, but by the work that happens in the days and weeks after the event.  By that measure (along with the traditional measurements), our recent FUDCon event was a huge success.  I have also been inspired by the friends in our community who have publicly posted their post-FUDCon to-do lists, so that we can all have insight into the work that FUDCon helped bring to light.

Rather that give a day-by-day account of my own FUDCon activities, I want to just highlight some of the the things that resonated with me at FUDCon.

First, I was impressed with the Virginia Tech campus.  It was a beautiful location for the event, and the amount of space we had was absolutely fantastic.  Thanks again to Ben Williams and the Math Department at VT for their awesome support.

Second, I was impressed with the number of people who had planned ahead for the conference, and came prepared to both learn and share.  I didn’t see too many people this year just hanging out in the hallway checking email, so that’s probably a very good sign.

I was happy to see how many of the various Fedora groups really had their act together for FUDCon.  Just to highlight a few that caught my eye: The Docs team had several introductory sessions and a hackfest, which helped get some new people up to speed in the docs tooling.  The Cloud SIG had a wide variety of talks on different aspects of cloud computing.  I didn’t get to participate with much of the Infrastructure team’s sessions, but they all seemed interesting and were usually completely full. The ARM SIG also had a huge presence at the conference — with a marathon run of non-stop ARM work happening throughout the conference, and some nice give-aways to help entice more people to join the SIG and contribute.

As a Fedora Board, we met a couple of different times (once on Friday and once on Sunday) to discuss Board goals and work on other Board business.  The board decided that in order to lead by example we would each choose a project to champion over the next year, and that we would make regular reports on how those projects are going.  I’ve asked each of the Board members to pick their project over the next week or two, and be prepared to present it at our Board meeting on February 1st.  If you have ideas or causes that you would like the Board to take up, please don’t hesitate to let the Board know, either personally or via the advisory-board list.  I know a couple of the Board members already have their projects picked out, but I’m sure other members would love feedback and ideas.  I really enjoyed the opportunity of meeting with the Board in a more personal setting, and having the chance for higher-bandwidth communications, and I hope that we can make that happen more often in the future.

Besides all of the technical discussion that happened at FUDCon, I was happy to participate in a number of different talks aimed at making the human side of Fedora more enjoyable.  Whether it was talk about how to better attract new participants or improving exiting processes for Ambassadors,  really enjoyed the ideas and brainstorming that came out of those discussions.  I’m looking forward to seeing how we can improve things in this regard over the coming year.  I also enjoyed the chance to interact with many of the community members in some light-hearted activities as well, including getting bowling tips from Russell Harrison, getting lots of photography tips (and good stories) from Eric Christensen, having a good snowball fight with Jeroen van Meeuwen, and having a good impromptu swordfight with Mark Terranova.  All of these things helped keep me from going too crazy with all the logistics around FUDCon.

So to everyone who participated or supported those who did, let me say thank you.  Now let’s get back to work and finish up all those things we talked about doing, and keep making forward progress…

January 20, 2012 03:47 PM

Phil Windley
My Letter to Senator Hatch in Opposition to PIPA

The Honorable Orrin Hatch
104 Hart Office Building
Washington, DC 20510
Fax: 202-224-6331

Dear Senator Hatch,

I'm writing to express my opposition to the Protect IP Act (PIPA). I have a PhD in Computer Science, have taught Computer Science at BYU, started several high-tech businesses in Utah (one of which, iMall.com, sold to Excite@Home in 1999 for $450 million), was the CIO for the State of Utah under Gov. Michael Levitt, and am the Precinct Vice-Chair in Lindon 04.

I'm pleased with Sen Reid's decision to postpone the vote and with your recent opposition to PIPA. However I'm still concerned that the thinking that led to PIPA will lead to other equally bad legislation in the future.

The problem with PIPA and similar legislation is that it looks at copying as a feature of digital goods that can be selectively disabled. In fact, everything I know about computer technology leads me to believe that copying will only get easier and easier as technology progresses. We will never again live in a time when copying things is as difficult as it is now. And this will be true regardless of the laws we pass because copying is fundamental to the nature of computers and digital goods.

Consequently, efforts to make copying more difficult by technical means (such as the DNS blocking provisions in PIPA and SOPA) hurt legitimate uses of technology while leaving those who would copy without permission plenty of ways to circumvent those measures. You cannot plug this hole by hobbling the Internet and also be a proponent of economic growth. Those positions are incompatible.

I believe that the answer lies in enforcing existing laws in the courts where the accused are afforded due process and in working with other nations to create legal regimes wherein the guilty can be tried and punished. There are no technical shortcuts that will solve this problem.

I'd be happy to discuss this matter in more detail. I look forward to seeing you at the convention.

Respectfully,
Phillip J. Windley, Ph.D.

Note: the paragraph about copying paraphrases Cory Doctorow's argument in his talk The Coming War on General Purpose Computing. I recommend listening to it.

Tags: politics utah internet technology

January 20, 2012 03:42 PM

Clint Savage
Today at SCaLE10x: System Administration Study Group

If you haven’t heard my ranting and raving about the SysadminSG last weekend at FUDCon, it went pretty well. Turns out, this weekend is another run of the event. The goal is to help Fedora contributors (and others) prepare for the tough world of Linux system administration.

If you attend the event, you will receive two study guides and an ec2 instance for about 24-hours. The idea is that you will spend the day today studying with others to improve your system administration skills. There are no instructors, but I will be there to get the ec2 instances setup and help with any non-study related issues.

If you are interested in the sysadminSG,  come visit us at SCaLE10x today:

Southern California Linux Expo 10x (SCaLE10x)
Los Angeles Airport Hilton – Catalina C
9am – 5pm

Cheers,

Herlo

January 20, 2012 03:26 PM

January 19, 2012


Clint Savage
FUDCon Blacksburg: sysadminSG, Fedora Infrastructure, pam_otp and more!

Well, FUDCon Blacksburg has come and gone. I believe it was the most productive I’ve been at a FUDCon EVER! I was able to get quite a bit accomplished and much more than I had planned!

What was it that I did, you ask? Well let me tell you all of the tasks I was able to complete.

System Administration Study Group

Over the past year, I’ve been working on a way to do a regular free study group for those who want to improve their system administration skills, get certified, or just brush up on something they didn’t quite understand.

Enter sysadminSG, a self-guided tour of many of the standard tasks any system administrator should know. The main goal was to create an instance of a Fedora 14 machine for studiers to use.

Some of the tasks on the study sheets indicate certain issues that would need to be resolved which can’t be resolved without a ‘master’ instance. I was able to recruit a couple of excellent individuals to help get this further than I thought it would. Jon Stanley and Ivan Makfinsky helped put together many of the pieces which will help studiers get more done. Specifically, an ldap server for centralized authentication and iscsi target luns for use with LUKS encryption, LVM and disk partitioning.

Fedora Infrastructure

I attended the Fedora Infrastructure session, where we covered two major things of concern. One was removing the puppet staging branch and moving everything into ‘Production’. This is a mental shift for many, but makes sense because in truth, everything maintained from an infrastructure perspective is production.

Additionally, a longer term plan of being able to spin up ‘staging’ environments for any new things that will go into production looks to be the direction we’ll be going. Many of the applications we have in Fedora require some work to get us to this point, mostly so they can be more atomic pieces. I think a proof of concept environment will provide us with an good idea of how much work will be involved.

pam_otp

After the Fedora Infrastructure hackfest, there was a two-factor authentication hackfest. We discussed using Yubikeys and a unique PIN together for authentication within Fedora. The initial goal was determined to setup sudo authentication for sysadmin-main group with two-factor authentication.

Nathaniel McCallum found the pam_otp library and was able to get it to compile. He passed it on to me to test and document it, which I was able to get working after a drunk night by the fire. I was then able to document the usage of it and have a test rpm that we’ll be using.

All in all, it was a very productive weekend and more work will be getting done over the next few weeks as well. It’s all very exciting and fun, a really good reason for attending FUDCon!

Cheers,

Herlo

January 19, 2012 07:47 PM

January 18, 2012


Ryan Byrd
mysql strip outliers for average and standard deviation
We have 10 distributors for a tire.  Each one has a different price:
 
   1. 100
   2. 120
   3. 99
   4. 140
   5. 210
   6. 40
   7. 104
   8. 102
   9. 103
  10. 150
 
We need to, in SQL hopefully, exclude the higher and lower prices automatically and get an average of the closest prices.

Here’s a quick answer:

identify outliers (1 standard deviation from the mean):
 
mysql> SELECT tires.price, (tires.price - agro.mean) / agro.dev AS num_devs  FROM tires CROSS JOIN (     SELECT AVG(price) AS mean, STDDEV(price) AS dev      FROM tires ) agro WHERE ABS( tires.price - agro.mean ) / agro.dev > 1 ORDER BY tires.price
    -> ;
+-------+------------------+
| price | num_devs         |
+-------+------------------+
|    40 | -1.8407371215298 |
|   210 |  2.2338111943565 |
+-------+------------------+
2 rows in set (0.00 sec)
 
mysql>
 
strip outliers:
mysql> select t.price from tires t left join (SELECT tires.id, tires.price FROM tires CROSS JOIN (     SELECT AVG(price) AS mean, STDDEV(price) AS dev      FROM tires ) agro WHERE ABS( tires.price - agro.mean ) / agro.dev > 1 ORDER BY tires.price) o on t.price=o.price where o.price is null;
+-------+
| price |
+-------+
|   100 |
|   120 |
|    99 |
|   140 |
|   104 |
|   102 |
|   103 |
|   150 |
+-------+
8 rows in set (0.00 sec)
 
get your stats, excluding those outliers:
mysql> select avg(t.price), stddev(t.price) from tires t left join (SELECT tires.id, tires.price FROM tires CROSS JOIN (     SELECT AVG(price) AS mean, STDDEV(price) AS dev      FROM tires ) agro WHERE ABS( tires.price - agro.mean ) / agro.dev > 1 ORDER BY tires.price) o on t.price=o.price where o.price is null;
+--------------+-----------------+
| avg(t.price) | stddev(t.price) |
+--------------+-----------------+
|       114.75 | 18.673175948403 |
+--------------+-----------------+
1 row in set (0.00 sec)
 
mysql>

see for reference: http://www.sitecrafting.com/blog/stats-in-mysql-pt-outliers/

January 18, 2012 10:30 PM

Tom Hatch
Salt Named Black Duck Software Open Source Rookie of 2011

Salt Named Black Duck Software Open Source Rookie of 2011
Selected From Thousands of New Open Source Projects from
Ohloh.net and Black Duck® KnowledgeBase™

Salt Lake City and BURLINGTON, Mass., January 18, 2011— Salt, a central configuration management and remote execution engine, today announced that it has been selected as a 2011 Rookie of the Year by Black Duck Software. The prestigious annual award identifies the top 10 open source projects of the year, based on an analysis of open source projects found in the Black Duck® KnowledgeBase™ and Ohloh.net.

Black Duck reviewed thousands of open source projects that were initiated in 2011 to select the fourth annual Open Source Rookies of the Year. Using a weighted scoring system, points were awarded based on commit activity (commits per day), size of the project team and the number of in-bound links to the project. Black Duck determined the top 10 projects following an audit of its findings and normalization of scores.

“We are pleased to recognize Salt as one of 2011’s Rookies of the Year,” said Peter Vescuso, executive vice president, marketing and business development at Black Duck Software, the leading global provider of strategy, products and services for enabling enterprise scale adoption of open source software (OSS). “The Rookies represent open source innovation at its finest, driven by the forces of community, creativity and commitment to open source values, and Salt exemplifies these characteristics.”

Key takeaways from the 2011 Rookies of the Year include:
Nine of the top 10 and 56 percent of the top 50 projects are now on github. In 2010, just four of the top 10 and 32 percent of the top 50 projects were on github, a major shift in just one year. In the balance of the top 50 projects, GoogleCode was the repository for 10 percent, followed by SourceForge at four percent.

Javascript (28 percent), Java (14 percent) and Ruby (12 percent) were the languages of choice for the top 50 Open Source Rookies.

Three of the top 10 new projects in 2011 use the Apache License, Version 2.0, and one each chose the GPLv2, GNU AGPLv3, SpringSource License, Eclipse Public License, Mozilla Public License Version 1.1, WTFPL, and the Common Public Attribution License.

“Salt is pleased to be named as a Black Duck Open Source Rookie,” said Thomas S Hatch, Salt project Founder. “Salt has proven that the right idea, the right code and most importantly, an open community, can produce with little to no resources a project that can stand toe to toe with large organizations.”

For more information about the 2011 Open Source Rookies of the Year, please visit www.blackducksoftware.com/rookies.

About Black Duck Software
Black Duck Software is the leading provider of strategy, products and services for automating the management, governance and secure use of open source software, at enterprise scale, in a multi-source development process. Black Duck enables companies to shorten time-to-solution and reduce development costs while mitigating the management, compliance and security challenges associated with open source software. Black Duck Software powers Koders.com, the industry’s leading code search engine for open source, and Ohloh.net, the largest free public directory of open source software and a vibrant web community of free and open source software developers and users. Black Duck is among the 500 largest software companies in the world, according to Softwaremag.com. For more information, visit www.blackducksoftware.com.

About Salt

Salt is a Remote execution and central configuration management system. Salt is being developed as a platform for bringing advanced cloud concepts and controls to the forefront and developing the next wave of computing beyond the cloud.

Black Duck Press Contacts
Sarah Gerrol
Black Duck Software
press@blackducksoftware.com
+1 781-891-5100

Ann Dalrymple
TopazPartners
adalrymple@topazpartners.com
+1 781-404-2432

Salt Press Contact

Thomas S Hatch
President – Salt Stack, LLC
thatch@saltstack.com
+1 801-509-7004


January 18, 2012 05:10 PM

Ryan Byrd
Settting up Linux PPTP VPN connection (client)
yum install pptp-linux
yum install pptp
vi /etc/ppp/chap-secrets
vi /etc/ppp/peers/myvpnname
vi /etc/ppp/ip-up

where:

[root@server local]# cat /etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
VPNUSERNAMEHERE PPTP VPNPASSWORDHERE *

and

[root@server local]# cat /etc/ppp/peers/myvpnname
pty "pptp VPNIPADDRESS --nolaunchpppd"
name VPNUSERNAMEHERE
remotename PPTP
require-mppe-128
file /etc/ppp/options.pptp
ipparam myvpnname

and

[root@server local]# cat /etc/ppp/ip-up
PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH
 
LOGDEVICE=$6
REALDEVICE=$1
 
[ -f /etc/sysconfig/network-
scripts/ifcfg-${LOGDEVICE} ] && /etc/sysconfig/network-scripts/ifup-post --realdevice ${REALDEVICE} ifcfg-${LOGDEVICE}
 
/etc/ppp/ip-up.ipv6to4 ${LOGDEVICE}
 
[ -x /etc/ppp/ip-up.local ] && /etc/ppp/ip-up.local "$@"
 
exit 0

and then run it!

pppd call myvpnname
ip route add 10.0.0.0/8 dev ppp0
January 18, 2012 04:32 PM

Corey Edwards
SOPA/PIPA Blackout

Today is the great SOPA/PIPA blackout. These are two proposed bills in Congress which would create a censorship regime for the Internet, much like China, Iran, and Syria have. And we know how great those governments are, so why wouldn't we follow in their footsteps? Wikipedia and Google are the most notable, but thousands of other sites went offline in protest. We at zmonkey.org fully support these actions. Draconian Internet censorship laws are not the solution to anything, especially not when the primary problem is an outmoded business model in Hollywood. If you value your freedom on the Internet, join me in telling your representatives how horrible this proposal is.

January 18, 2012 03:22 PM

January 17, 2012


Aaron Toponce
Protesting SOPA/PIPA

Starting Jan 18, 2011 at 00:00 UTC, this blog will be joining many others to protest SOPA and PIPA. I strongly oppose the views outlined in the bill, and with a Google Pagerank of 4/10, with almost 650 RSS readers, and about 1,500 hits to my site per day, I’ll be taking advantage of these numbers, and showing my disgust for SOPA/PIPA. Join me, and many others, by joining the strike at http://americancensorship.org. Now, a note to my (current and future) political representatives in Utah.

Dear Jim Matheson, Rob Bishop, Jason Chaffetz, Orrin Hatch and Mike Lee:

If you vote in favor of supporting SOPA and PIPA passing, not only will you not get a vote from me, I’ll launch an online campaign to make sure I take as many people with me this November in doing the same (I’ll tell you right now Mr. Hatch, that Pete Ashdown already has my vote, but its not too late to withold the campaign). The ball is in your court.

January 17, 2012 09:50 PM

Richard Esplin
Announcing Alfresco Add-ons

Last summer I changed roles at Alfresco and moved from technical sales to technical marketing. It has been a lot of fun to own a technology project again. My main focus since that time has been to replace the Alfresco Developer Forge with a new Add-ons Directory located here:

http://addons.alfresco.com

As of this writing, there are more than 70 add-ons listed!

I posted a few months ago to the Alfresco Forums about our plans to replace Forge. The system hasn’t received proper care and feeding, is increasingly hard to defend against spammers and mal-doers, and there are modern code forges that provide a better developer experience than we are able to deliver as a side-service (I am partial to Bit Bucket or Google Code because I find Mercurial so much easier to use that Git). When we examined what our community really wanted from Forge, the important service was to have a single place to locate an interesting add-on to Alfresco. So we build a site that does just that.

On the site you can submit an add-on hosted anywhere on the Internet. You can browse add-ons, rate add-ons, and leave comments. We still have some back-end work to do so that created accounts are stored in a system that can be leveraged by the forums, wiki, and issue tracker (I apologize for asking for a new username and password), but the system is currently usable. Important features like search, tagging, and usage statistics are also in the works.

For those who are interested, the site is built on Drupal 7 and will in the future be integrated with Alfresco. I have personally found Drupal to be a disappointing platform to work with, but that is a subject for a future blog post (summary: you should use Django). While building the site I learned a lot about HTML5 and CSS3, but I don’t know if it is actually improving search indexing of the site yet.

Forge has been a useful tool over the last five years, but we are encouraging all projects hosted there to move. Forge is closed to new projects and new users, and at the end of February we plan to make that server read-only. It will eventually be turned off completely.

If you have any feedback on Add-ons or concerns with the future of Forge, you should get in contact with me. I would enjoy discussing it with you.

January 17, 2012 02:44 PM

January 16, 2012


Tom Hatch
Salt 0.9.5 is Here!

Salt 0.9.5 is one of the largest steps forward in the development of Salt.

0.9.5 comes with many milestones, this release has seen the community of developers grow out to an international team of 46 code contributors and has many feature additions, feature enhancements, bug fixes and speed improvements.

There is a backwards incompatibility in 0.9.5, Salt moved from using python pickles for network serialization to using Message Pack (msgpack.org), which is much faster than pickles, much more compact, more secure and more portable.

Please see the release notes for details on the backwards incompatibility issue, but the safest thing to do is to upgrade the master, add the configuration “serial: pickle”, which will allow old minions and new minions to communicate with the new master, then upgrade the minions to 0.9.5. Once all minions are upgraded turn off pickles entirely by removing the serial configuration line.

The release which details the new features in Salt announcement can be found here:
http://saltstack.org/topics/releases/0.9.5/

The source can be found here:
github.com/downloads/saltstack/salt/salt-0.9.5.tar.gz

The saltstack.org website has been updated to include the new documentation, but a pdf of the docs can be found here:
github.com/downloads/saltstack/salt/salt-0.9.5.pdf

Packages for 0.9.5 should be hitting Fedora soon, and other distribution packages should be updated shortly!

Enjoy the Salt!

- Thomas S Hatch


January 16, 2012 07:08 AM

January 15, 2012


Phil Windley
Delivering Flowers with a Distributed Event System: Event Subscription in Action

This semester, I'm teaching a class at BYU, CS462. We're using Opher Etzion and Peter Niblett's book Event Processing in Action as the class text. The text uses a flower shop and delivery driver scenario as the running example throughout the book. Here's a description:

The flower stores in a large city have established an agreement with local independent van drivers to deliver flowers from the city's flower stores to their destinations. When a store gets a flower delivery order, it creates a request, which is broadcasted to relevant drivers within a certain distance from the store, with the time for pick up (typically now) and the required delivery time if it is an urgent delivery. A driver is then assigned and the customer is notified that a delivery has been scheduled. The driver picks up the delivery and delivers it, and then person receiving the flowers confirms the delivery time by signing for it on the driver's mobile device. The system maintains a ranking of each individual driver based on his or her ability to deliver flowers on time. Each store has a profile that can include a constraint on the ranking of its drivers, for example a store can require its driver to have a ranking greater than 10. the profile also indicates whether the store wants the system to assign drivers automatically, or whether it wants to receive several applications and then make its own choice.

The following diagram (from the Event Processing Technical Society's site) illustrates the interactions that take place between various entities:

ffd_figure

The example that Opher details in the book has been implemented in several event processing systems.

If you follow my blog, you'll know I have a particular view of evented systems based on distributed event processing taking place on event networks that are owned and run on behalf of particular entities. We call these personal event networks. In addition to writing a book on the subject, I've described personal event networks in various articles on this blog over the last six months:

N.B. If you're in my CS462 class, it wouldn't hurt to read them all. :)

Consequently, as we implement the flowershop example in my class, we're going to do it with a personal event network twist. The result looks something like this diagram:

flowershop pen

In the preceding diagram, there isn't one event system that manages the interactions between the shops and the drivers. Rather, each driver has their own personal event network, each shop has their own personal event network, and the guild has one too. The interactions aren't simply events raised within a single event network, but rather events raised between the networks of each participant. I've shown some of the apps that drivers, shops, and the guilds have installed on their personal event networks, but they would each be individually managed and configured. In fact, it's reasonable to assume that different drivers or shops might use different apps for the same purpose as long as they understood the events.

The various personal event networks are linked together via event subscription. For example, a driver might subscribe to the delivery_ready event from each of the flowershops she wants to drive for. A driver who has a bad experience with a particular shop, merely unsubscribes from that shop's delivery_ready events and never sees them again. Similarly, a shop that doesn't like a particular driver can merely unsubscribe from them and no longer do business with them. I'll be posting an example soon that shows how event subscription works in a personal event network. There are lots of details to work out and this blog post isn't the place for them.

There are design choices to be made in this system. For example, there's a "direct" arrow in the diagram indicating that shop and driver personal event networks can communicate directly. But the guild may chose to intermediate the interactions. In class, we're going to be implementing the system with a direct connection first and then re-plumb the entire thing to use the guild as an intermediary. Intermediaries introduce interesting dynamics, making many things easier and increasing flexibility.

Overall, this example isn't terribly different from the fourth-party ecommerce example I wrote about last June except that example featured hardwired connections between the shopper and the merchant rulesets. In contrast, this example uses the idea of event subscription to link merchants and customers. Event subscription takes the fourth-party example from a nice little demonstration to a conception of how VRM could work in the real-world. The diagram shown above can be partitioned to illustrate this:

flowershop parties

Together with our ideas about how notification occurs and how personal data can be managed in personal event networks, event subscription creates a powerful system for enabling a completely new kind of interaction between vendors and customers (note that in this example, the flowershop is the customer who is negotiating for and buying delivery services from the drivers).

Tags: krl cs462 kynetx personal+events

January 15, 2012 03:50 AM

January 14, 2012


Justin Carmony
Debugging Nginx Configuration Trick

Today I had an issue where I was trying to debug a problem with an nginx configuration, I came up with a simple trick. One of the hardest parts of nginx configurations, especially with rewrites, is you might not know which “location” directive is not working as expected.

In PHP, sometimes you would just add something like this:

echo "I'm here!";
exit();

However, in Nginx configuration files, it isn’t as easy…

… or is it?

One thing that works well is the rewrite directive. You can append variables to the URL to be rewritten. Another great thing is a rewrite statement can go just about anywhere. So lets say we were trying to debug this location statement:

location ~ /api/.*\.php$ { include /etc/nginx/fastcgi_params; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /path/to/www/$fastcgi_script_name; }

Now lets say its returning a 404, and I’m not 100% sure what the actual value of $fastcgi_script_name is. I can add this to it:

location ~ /api/.*\.php$ { ## ADD HERE redirect ^ http://www.google.com/?q=$fastcgi_script_name last; break; include /etc/nginx/fastcgi_params; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /path/to/www/$fastcgi_script_name; }

This will redirect your HTTP request to Google.com and put the value in the query textfield. Bingo, I can easily see the actual value! Pretty helpful when you have a large, complex server definition.

Related posts:

  1. PHP, Nginx, and Output Flushing
  2. Setting Up Nginx & PHP-FPM on Ubuntu 10.04
  3. Simple Trick: History Command

January 14, 2012 02:24 AM

January 13, 2012


Provo Linux User Group
What operating system do you currently prefer for servers?
January 13, 2012 10:50 PM

Justin Carmony
Letter to Senator Lee

My letter to Senator Lee:

Senator Lee,

My name is Justin Carmony, and I am the C.T.O. for Dating DNA, LLC, a company that makes iPhone Apps. This is my first time writing a senator, but I feel it is important to convey my thoughts on SOPA and PIPA.

We have struggled with people downloading our Apps from 3rd Party Websites and not paying for them. We are able to monitor and track these “cracked” apps when they connect to our services, and these “cracked apps” number in the hundreds of thousands over time. That is potentially millions of dollars in lost revenue.

However, I do NOT support SOPA, PIPA, or bills like it that give “blacklist” or “takedown” authority without due process.

Even though we struggle with piracy, these bills will do very little in preventing unauthorized distribution of copyrighted materials. However, they are extremely dangerous in terms of abuse against legitimate businesses. Even though the cost of piracy can be great, we already have tools and laws to help us minimize piracy. We work hard at providing a great service, and we’ve even successfully turned “pirates” into “legal, legitimate customers.” SOPA & PIPA will do very little in helping us stop real piracy, but will also expose us to “takedowns claims” without any oversight or due process.

There is already testimonies on legal records of Media Companies such as Warner Music and Universal Music group admitting to using DMCA to take down content they had no copyright ownership to. Their motives instead were to silence groups being critical of them. (see “A Business Person’s SOPA Primer” — http://avoidingagoatrodeo.com/2011/12/26/a-businesspersons-sopa-primer/)

Please, as my elected representative, pull your support of SOPA. Our small business would not survive a “takedown” if a competitor used SOPA with false claims. We depend on the internet to keep us in business. I hope you can see, and understand, that due process and legal oversight should still apply to the internet.

Thank you,

Justin Carmony
Utah Citizen

Related posts:

  1. Comcast Limit to 250GB a month for Residential
  2. Google Apps Dropping IE 6
  3. Yahoo vs. Rhapsody – Why Yahoo Lost

January 13, 2012 07:19 PM

January 12, 2012


Phil Windley
The Live Web is Live!

My book, The Live Web: Building Event-Based Connections in the Cloud, has been released and is on Amazon. Having the book actually available is great, although slightly anti-climatic after the thrill of just being done last November. :)

The book is my look at the future. When Eric Schmidt talks about a personalized house or we contemplate how commerce or health care will change in a completely connected world, that's the Live Web.

Buying the book: If you are going to order a copy from Amazon, do be a favor and order it on Friday, January 13th. I'm trying to get the book to move up the rankings--if only for a day.

Here's an excerpt from the Introduction:

For many years, pundits have foreseen a world in which everything will be connected to the Internet. We're getting there. We now have Wi-Fi--enabled refrigerators, thermostats, and bathroom scales. But what happens after things are online? Will they merely connect to the Internet or will they connect to each other?

Connecting everything we use--products and services--to each other is a powerful idea. An idea that is bigger than mobile and social. Mobile's big because everyone is connected all the time. Social is big because we're connected to each other. Connecting us to everything around us is the next step.

Connecting our things to each other and setting them to work on our behalf is transformative. Imagine a world in which your phone automatically mutes the ringer when you start watching a movie. Imagine a world in which your alarm clock sets itself based on your schedule and other information like the weather, the traffic, and your past behavior. Imagine a world in which the mundane parts of business travel or scheduling an appointment with a new doctor are automatically taken care of according to your preferences. That world is the Live Web.

The Live Web: Building Event-Based Connections in the Cloud is a book about specific concepts, architectures, and technologies you can use to build Live Web experiences. This book is not easy; it requires that you think about Web programming from a brand new perspective. That's hard for any of us. I have no business asking that of you unless there is a big payoff. There is: I believe the ideas and techniques in this book will help you build brand new types of Web experiences unlike those you can create using traditional Web technologies or languages like PHP or Rails. Don't let this intimidate you. While this book asks a lot, the ideas are familiar and their application is engaging and fun.

The premise of this book is simple, but profound: The Web of the future--the Live Web--will link our lives in ways we can hardly imagine..and you can start building that Web today. While the request-response programming model we've been using has led to incredible applications and services, we can do more with a new model that complements--rather than replaces--the thinking that has led us so far. That new model is based on events.

Whereas today's Web sites are about users interacting with relatively static pools of data, the cloud is giving us a brand new kind of data: data that is flowing, moving, and real-time. Data that links sites and services together. The cloud is about way more than just APIs to data and services--as important as that is. At its best, the cloud creates real-time interactions enabled by streams of data. The problem is that this kind of data doesn't look like a request. Consequently using the tried and tested tools we've used to build Web services won't take us where we need to go. Event-based interactions are the perfect model for taming these rivers of dynamic data and creating applications that make the most effective use of them.

Event-based applications are more loosely coupled than those built using a request-response model. I cannot overstate the case for loose coupling. As we move to a world in which more and more applications must coordinate their actions on our behalf, there is simply no way that we can pre-plan and orchestrate all the required interactions between them. Using systems that are supportive of and are architected for loosely coupled applications will play an important role in enabling the cloud-based future we envision.

This may seem a little overwhelming, but I have a secret weapon to help you out: a new programming language. I know what you're thinking, "Wait, I've got to think differently about the Web and learn a new language too!?!" But in fact, I think the language helps, rather than hurts.

Tools shape how we think and work. I learned long ago that the best way to think differently about a problem is to create a nomenclature that describes and illuminates the new domain. In this book, you'll use a language called the Kinetic Rules Language (KRL) to channel your thinking for this new model. KRL will lead you into the world of event-based programming on the Web.

KRL is a rule-based language that is custom built for the domain of event-based applications that operate on real-time data in the cloud. KRL was designed from the ground up with events and the cloud in mind. KRL provides a number of familiar touch-points for users already accustomed to Web programming and JavaScript, but provides a framework for making the most of an evented Web. While KRL is open and runs on an open source rules engine, you can get started with it right away using a cloud-based service.

While the ideas and techniques in this book can be implemented in any language, there is significant value in using a purpose-built language to guide our thinking. Remember, the ultimate value you will gain from this book isn't learning any specific programming language, but in forcing your thinking down a new road--one in which events, rather than requests, reign supreme.

I'm very pleased with how the book turned out and extremely excited about the ideas in it. I hope you'll read it, comment on it, review it, and try the ideas out. Undoubtedly, the future will turn out different than I've envisioned it, but I think we have an obligation to try to influence the design that emerges. The Live Web is my best thinking about how to do that.

Update: Some people have asked about a Kindle edition. There is a Kindle edition coming, but I don't know when it will be available.

Tags: krl live+web kynetx book

January 12, 2012 03:30 AM

Clint Savage
FUDCon Blacksburg 2012: Three days to the Sysadmin Study Group

This Saturday, January 14, 2012 at approximately 1pm Eastern Standard Time, I will be running the System Administration Study Group (SysadminSG) at the Fedora Users and Developers Conference being held in Blacksburg, Virginia.

We did a successful version of the SysadminSG at the Southern California Linux Expo (SCaLE 9x) last year.  And thanks to Ben Williams prodding several months ago, I agreed to run this event again. Note: We will also be running the SysadminSG again at SCaLE 10x on January 21, 2012 as the Fedora Activity Day (FAD).

What is the System Administration Study Group (SysadminSG)?

The System Administration Study Group or SysadminSG is intended as a gathering of individuals with a common purpose, studying and preparation for the Red Hat Certifications. The two main certifications of focus are the Red Hat Certified System Administrator (RHCSA) and the Red Hat Ceritfied Engineer (RHCE).

This is a self-guided workshop for those who gather, it does not have any instructors. However, proctors will be around to assist as needed.

The SysadminSG could be used for many other reasons. The Fedora Infrastructure team is always looking for skilled system administrators. The study group is a great way to bone up on the technologies used by Fedora Project administrators every day.

Why should I participate in SysadminSG?

Because it’s cool, and other reasons, too!

Okay, while it is true that participation is the cool thing to do, it is also very possible you may wish to improve your system administration skills. Doing so with others in the room to bounce questions off can be very helpful. Studying by yourself is challenging and while IRC is nice, there really is nothing like real live people in a room, with similar goals.

So I am interested. What do I need to bring/provide to get me started?

To participate in this event, please bring a laptop, PC or some other computer with a current version of Fedora pre-installed. YOU DO NOT WANT TO INSTALL THE DAY OF THE STUDY SESSION!!

Amazon ec2 instances will be used where possible, so that things can be portable. The instances should be up and running for around 24-hours, which means if you don’t finish during the study session, it’s possible to continue for a short time after the workshop. To access an ec2 instance, it will need to be setup with an ssh public key, so come prepared with one.

Note: If the machine you bring has the capability for Virtual Machines using KVM or VMWare, we can work with that as well, but you may receive mixed results.

Resources! Pig for Wheat!

Okay, stop screaming about it! There will be plenty to do during the 4-hour session, but if you want to get a head start, read up on these guides.

Contributions encouraged and accepted

One of the main goals of the study group is to come up with tasks that would be representative of each of the objectives listed. It is my hope that with a bit of contribution during the session, we can discover and improve the study group to make it a regularly occurring workshop. I would like to see these study guides go from big sections of blank to something more tangible. It’s possible each objective could have two or three tasks for a future SysadminSG workshop.

See you all at FUDCon this weekend!

Cheers,

herlo

January 12, 2012 03:28 AM

January 11, 2012


Jared Smith
Prepare for FUDCon!

I have a pretty good idea what you’re thinking… you’re saying to yourself “Here goes Jared, reminding me of all the things I need to remember about FUDCon”.  Well, this is a FUDCon reminder, but I’ll leave the logistics details aside for a moment, and invite you to prepare for FUDCon in other ways.  I’m sure others will remind you of the logistical items you’ve forgotten about.  (You did remember to sign up ahead of time for the wireless internet access at Virginia Tech, right?)

Amit learning at FUDCon Pune

Prepare to Learn

One of the things I most enjoy about the Fedora Users and Developers Conference is the chance to learn in a fast-paced environment from people who do amazing things every day.  That learning doesn’t come by accident, however.  I learned at my first FUDCon that you really need to prepare ahead of time to be able to take advantage of all there is to learn at FUDCon.  So, write down a short list of topics you’d like to learn about. Write down a list of questions you’d like to ask your fellow Fedora contributors.  Look at the list of workshops, and start planning which ones you would like to attend.  And when we organize the barcamp portion of the conference on Saturday morning, pay attention to the sessions that are pitched and be prepared to vote for the sessions you are most likely to attend.

I’ve seen from sad experience that if you don’t plan ahead for learning, you’ll end up spending too much time checking your email or chatting with your friend in the hallway (more on the hallway track below!), and miss out on a great opportunity to learn and grow.

Eugene teaching at FUDCon Pune

Prepare to Share

I’ve talked briefly about learning at FUDCon, but that must mean there’s another side to the coin: If there are people to learn, then there must be people willing to teach as well.  This is one reason why the barcamp session at FUDCon is truly amazing, because anybody can stand up and propose a session.  It always helps if you have something prepared to share, or know the material well enough that you can do a presentation without any formal preparation, but that’s not an absolute requirement.  I do encourage you, however, to spend some time thinking about the things you have that you could teach to other participants, and then come prepared to share your knowledge with others.

I’d also like you to think about ways you can share the FUDCon experience with those who aren’t able to make it to the conference.  All the usual suspects (blog posts, microblogging such as identi.ca or Twitter, social networking, IRC channels) are there and available to help us share with those who are participating vicariously.

Socializing at FUDCon Tempe

Prepare to Socialize

Another important aspect of FUDCon is the chance to get to know your fellow Fedorans better.  So even though I told you earlier to plan ahead so that you don’t get stuck in the “hallway track” at FUDCon, I must confess that the hallway track is an important part of the conference.  Perhaps as important as the technical bits.  Getting to know your fellow contributors helps build trust in our community, and helps to smooth over the rough patches that we encounter from time to time.  Sometimes being able to put a face and a name with an IRC handle makes all the difference.  There are a number of activities on the schedule specifically designed to help you get to know your (virtual) neighbors a bit better, and I’m sure some people will come up with unscheduled activities as well.

So bring your HAM radio, or your DSLR, or your latest robotics kit, or your hot dog costume.  Bring your favorite keyboard or input device… and then don’t be afraid to say hello to those around you.  And if you see me, say hi!  (I’ll be the guy playing amateur photographer and generally trying to make sure things go smoothly.)

Work being done during FUDCon Tempe

Prepare to Work

Last but not least, I ask each of you to come to FUDCon prepared to work.  Yes, we have a good time at FUDCon.  Yes, we learn and share and grow.  But at the end of the day, FUDCon is about making forward progress, and moving us one step closer to our goals.  Yes, talk is important, and conversation is crucial.  It’s only if we put those ideas into action that FUDCon is truly successful.  If you’re a part of a steering committee or a special interest group in Fedora, prepare to set a plan for the upcoming year.  If you’re not yet a member of a special interest group, you might want to join one at FUDCon, and take the first step to becoming more involved.

I can’t wait to spend time with many of you at FUDCon this coming weekend, and hope to meet the rest of you someday at a future event.

(Thanks to María “tatica” Leandro and Kushal Das for sharing their FUDCon photos with me.)

January 11, 2012 02:05 AM

January 10, 2012


Clint Savage
Presenting at PLUG Tomorrow: GoOSe Linux – Rebuilding Enterprise Linux the Community Way

Well, this has been a long time coming. It’s taken over 6 months of hard work by our community. Tomorrow night, January 11, 2012, I will stand in front of the Provo Linux User Group (PLUG) and talk about what we have been working toward.

GoOSe Linux – Rebuilding Enterprise Linux the Community Way

Yes, GoOSe Linux is almost here and we’re ready to discuss the process and the goals of our little community. If you have been hearing me rant about GoOSe on the Utah Open Source Planet, Google Plus or Facebook and want to hear more. Or if you are just plain bored tomorrow night with nothing better to do, come down to the Provo Linux User Group. Learn more about how the Enterprise Linux Rebuild community is working together to make a better ecosystem.

If you can’t make it, or want to preview the slides, you can get them on my speakerdeck.com page. I look forward to seeing you all there.

Date: January 11th, 2012
Time: 7:30 PM
Location: C7 Data Centers (Lindon)

For more information, check out the PLUG announcement.

Cheers,

herlo

January 10, 2012 09:06 PM

Justin Carmony
PHP Workers with Redis & Solo

I’ve come across an awesome combination of tools for managing PHP Workers, and thought I’d share.

Why Workers?

Sometimes there are situations when you want to parallel process things. Other times you might have a list of tasks to accomplish, and you don’t want to make the user wait after pressing a button. This is where “Workers” can come in. They are independent scripts that run along side of your application, performing tasks, or “jobs.”

An example is with Dating DNA and our score system. We generate scores between users to show how compatible they are with each other. When a user signs up, or makes a significant change to their profile questionnaire, we need to run a job to query our database, build a list of potential users, and generate scores. This takes 10-20 seconds, and while it is pretty fast, we don’t want to make the user wait for that. So we queue up a job for the user, divide up the work among several workers, and process the work.

General Concept

For this post, we’ll use the example of generating reports. Lets say on your internal website there is a button that you can click and it will email the user a report, and the report takes 2-3 minutes to generate. When the button is clicked, your code will insert the job into the queue. Meanwhile, workers are monitoring the queue. A worker script will pull the job off the queue, process the report, and send the email when its done.

For the queue management, we’ll use Redis. To let PHP read and write data to Redis, we’ll use the PHP Library predis. In our examples we’ll use PHP 5.3, however predis has a PHP 5.2 backport if you are not running 5.3.

Adding Jobs

To add jobs, we’ll need to connect to our Redis server:

/*
 * Connecting to Redis
 */

const REDIS_HOST = '127.0.0.1';
const REDIS_PORT = 6379;

$predis = new Predis\Client(array(
    'scheme' => 'tcp',
    'host'   => REDIS_HOST,
    'port'   => REDIS_PORT,
));

We’ll assume in all of our examples that we’ve done the following above & connected to Redis.

Now, to manage our queues we’ll use the Redis Datatype LIST. Whats awesome about lists is that regardless of size, adding or removing at the start or end of a list is extremely fast. So if your queue has 10 items, or 10,000,000 items, Redis wil be able to push and pop entries quickly.

We’ll have three queues, one for each priority: high, normal, and low. For the Redis key names, we’ll use queue.priority.high, queue.priority.normal, etc. When interacting with lists, you work with the ends, one called right, the other called left. So we’ll add items on the right with the RPUSH (Right Push) command, and we’ll pull items off the left with the BLPOP (Blocking Left Pop) command. We won’t worry about the pulling items just yet.

You store strings as the values for the list. My personal preference is to store JSON objects so you can easily pass variables needed to perform the job.

/*
 * Adding items to the queue
 */

$job = new stdClass();
$job->id = 1;
$job->report = 'general';
$job->email = 'test@example.com';

// Add the job to the high priority queue
$predis->rpush('queue.priority.high', json_encode($job));

// Or, you could add it to the normal or low priority queue.
$predis->rpush('queue.priority.normal', json_encode($job));
$predis->rpush('queue.priority.low', json_encode($job));

Simple enough! Having different queue priorities is very beneficial in managing which jobs should get done first. For example, you might have an Executive’s request go into the high priority queue so they get the report quickly. You might also have a weekly cron that queues up reports to be sent automatically, so those can go in the low priority as to not disrupt people trying to get a manual report.

Now, on to the worker’s code.

Processing Jobs

For now, lets say we have a script running in the PHP CLI (Command Line Interface) that you started by running this command on the server:

php /path/to/worker.php

First thing is we want this worker to work continuously, so we can do a while loop:

/*
 * Simple Continuous While Loop
 */

// Always True
while(1)
{
	/* ... perform tasks here ...  */
}

We’ll worry about making them more intelligent later. Now, let’s have our worker check the queue. You can do so with the BLPOP command:

/*
 * Checking the Queue
 */
$job = $predis->blpop('queue.priority.high'
						, 'queue.priority.normal'
						, 'queue.priority.low'
						, 10);

What we’re telling PHP to do is to check each queue in order of priority: high, normal, and then low. If it finds an item, it will immediately return an array with the name of the queue it came from, and the string of data that was pulled.

The B in BLPOP is “blocking.” What that means is that Redis will wait until either an item enters one of the queues, or the timeout is reached. In this case, the timeout is 10 seconds. So instead of polling (checking every few seconds in a loop), we check and wait, and after 10 seconds it will return null and we can check again.

What this gives us is near instantaneous queues. As soon as something is available, it is passed to the workers that are listening. You can also have multiple workers, and it will pass jobs to the first listening worker, and the next job to the next worker, so you don’t have to worry about multiple workers getting the same queued item.

After $predis->blpop() returns, if it has an array, it returned an item. If not, the timeout had been reached. We can check to see if a Job was returned, and if so to process the job:

/*
 * Checking to see if a Job was returned
 */

if($job)
{
	// Index 0 of the array holds which queue was returned
	$queue_name = $job[0];
	// Index 1 of the array holds the string value of the job.
	// Since we are passing it JSON, we'll decode it:
	$details = json_decode($job[1]);

	/* ... do job work ... */
}

Now we can have multiple workers listening to the same queues and scale our workload. Redis is very fast & efficient, and you could have hundreds or even thousands of workers listening to a single redis server.

Continuously Running Workers

There are a lot of options when it comes to deploying these workers. You can use a framework like Gearman, but for simple things, I like very simple solutions. I came across a blog post by Joseph Scott about a little 10 line perl script called solo. What it does is it will run a command, and to ensure that no one else is running that same exact command, it will lock a configurable port. This is awesome because the you don’t have to work about lock files or filesystem tricks, the kernel handles it all.

So what you can do is create a cronjob using solo to execute your script. First copy solo somewhere, I put it in my /usr/local/bin on my linux server. Then add this to your cron job using the command “crontab -e -u (which user to use)”:

* * * * * /usr/local/bin/solo -port=5001 php /path/to/worker.php

What this will do is try to run this command every minute. Solo will check to see if the port is already in use, and if it is, it will exit. Otherwise, it will lock the port and then execute the command. The port will stay locked as long as the command is executing. Once the command terminates, the port will unlock.

Now, PHP is a great language, but it has been known to have some memory leaks while running a long time in a single instance. So we can have our scripts exit periodically to be restarted by our cron job. So lets make our “while(1)” statement a little smarter:

/*
 * A Smarter While Statement
 */

// Set the time limit for php to 0 seconds
set_time_limit(0);

/*
 * We'll set our base time, which is one hour (in seconds).
 * Once we have our base time, we'll add anywhere between 0
 * to 10 minutes randomly, so all workers won't quick at the
 * same time.
 */
$time_limit = 60 * 60 * 1; // Minimum of 1 hour
$time_limit += rand(0, 60 * 10); // Adding additional time

// Set the start time
$start_time = time();

// Continue looping as long as we don't go past the time limit
while(time() < $start_time + $time_limit)
{
	/* ... perorm BLPOP command ... */
	/* ... process jobs when received ... */
}

/* ... will quit once the time limit has been reached ... */

One key thing to note is randomly shifting the time limit for the script. I like to do this because you don’t want your workers all stopping and starting at the same time. So if I have 8 workers, one might, but the 7 will continue until the 8th starts back up again via the cron job.

Bells & Whistles

After using workers for awhile, here are a couple of ideas to enhance your workers & system managing them. First off, you can add some monitoring for your queues. Using Redis a HASH, you can use them to store the state of your workers. 

/*
 * Assigning Worker IDs & Monitoring
 *
 * Usage: php worker.php 1
 */

// Gets the worker ID from the command line argument
$worker_id = $argv[1];

// Setting the Worker's Status
$predis->hset('worker.status', $worker_id, 'Started');

// Set the last time this worker checked in, use this to
// help determine when scripts die
$predis->hset('worker.status.last_time', $worker_id, time());

Another problem with workers that run for a long time (several hours) is when you make a change to their code, they won’t reload that change until they exit. What I’ve found to successfully restart them is having a “version” number set in Redis that is checked at the end of every loop:

/*
 * Using Versions to Check for Reloads
 */

$version = $predis->get('worker.version'); // i.e. number: 6

while(time() < $start_time + $time_limit)
{
	/* ... check for jobs and process them ... */

	/* ... then, at the very end of the while ... */
	if($predis->get('worker.version') != $version)
	{
		echo "New Version Detected... \n";
		echo "Reloading... \n";
		exit();
	}
}

You would simply INCR (increment) worker.version and after finishing their last job, the worker would exit, and solo would start it up again.

You can also kill specific threads by having them check for their value in a hash:

/*
 * Using Kill Switches to Check for Reloads
 */

while(time() < $start_time + $time_limit)
{
	/* ... check for jobs and process them ... */

	/* ... then, at the very end of the while ... */
	// Check to see if a kill has been set.
	if($predis->hget('worker.kill', $worker_id))
	{
		// Make sure to unset the kill request before exiting, or
		// your worker will just keep restarting.
		$predis->hdel('worker.kill', $worker_id);

		echo "Kill Request Detected... \n";
		echo "Reloading... \n";
		exit();
	}
}

Tweak to Solo & Logging

I made one small tweak in my version of solo, and that was to help it enable logging. Lets say I had three workers in my crontab:

# crontab for user to run workers * * * * * /usr/local/bin/solo -port=5001 php /path/to/worker.php 1 >> /tmp/worker.log.1 * * * * * /usr/local/bin/solo -port=5002 php /path/to/worker.php 2 >> /tmp/worker.log.2 * * * * * /usr/local/bin/solo -port=5003 php /path/to/worker.php 3 >> /tmp/worker.log.3

The “>> /tmp/worker.log.1″ tells solo I want to log it’s output to a tmp file that I can tail and monitor their progress. This is great for debugging problems. However, when I did this, solo would write to the tmp file, and not the output from my script. To overcome this I changed the last line of solo:

# old
exec @ARGV;
# new
exec "@ARGV";

This would ensure my script wrote out to the tmp file, and not just solo.

Examples

I’ve created an example on GitHub that you can clone on your own machine. All you will need is PHP 5.3 and Redis installed.

To install redis, simple run these commands on your unix based system:

wget http://redis.googlecode.com/files/redis-2.4.5.tar.gz tar -xzvf redis-2.4.5.tar.gz cd redis-2.4.5 make make install

It will copy the redis binaries to /usr/local/bin.

To get a copy of the code, you can download them here. HOWEVER, it doesn’t include predis! You’ll have to download and copy predis inside there via this link. It is much easier to clone it as so:

git clone git://github.com/JustinCarmony/PHP-Workers-with-Redis-Solo-Examples.git php_example/ cd php_example git submodule init git submodule update

Then, using different terminal windows (or using screen), you can run different worker.php instances, use creator.php to insert jobs, and monitor.php to watch the progress. This is all done from the command line.

If you’re using windows, I suggest installed a VM of Ubuntu and using that. If you really want to use Redis on windows, there are some Windows Binaries you can google and download. Good luck!

Here is a video where I demo the example:

(sorry for the poor mic quality)

Final Thoughts

I’ll post here shortly about how to run Redis in production with the init.d scripts and configuration files. One caveat to using solo is if your server has an application that randomly selects ports to use (i.e. VoIP, FTP), it might select one of your worker’s ports. But on a production server, you should have a good feel for which ports are available for locking.

If you want to learn more about Redis, check out their website.

Hopefully this will be helpful for anyone looking to use PHP Workers in an easy, simple way.

Related posts:

  1. MySQL, Redis, and a Billion Rows – A Love Story
  2. Creating Chatroom / Walls with Redis & PHP
  3. Debuging with PHP, Stack Traces, and Redis

January 10, 2012 06:20 PM

Andrew Shafer
incubators are a ghetto

Update: Following up to all the conversations, I’ve had about incubators and Silicon Valley since last week, I didn’t mean to imply ‘a list’ or that there are not other incubators besides YC, TechStars and 500 Startups that create value. Though, like most things, I think there tendency is a Pareto Distribution. I would also like to point out that there is nothing wrong with programs that are not explicitly designed to help companies get investment, just don’t mention investment as a central feature in marketing the program.

The way for anyone to establish that value is to provide transparent expectations and data about their program. Done.

For my next trick, because the ultimate success of any program is going to be a function of the larger ecosystem the created companies participate in, I’m going to outline my perspective on and experience within the mythical ‘Silicon Valley’. Stay Tuned.

There has been an explosion of incubators in the last few years. Most of them suck. Some suck so bad that the net value created by the program is probably negative. I’m not going to name names. This is just about results.

Let’s start with a story. There are minor variations, but I’ve seen it played out in real time more than once in the last few years. The story goes like this. An incubator has a class of companies, they give them a little cash, they have a weekly session with a mentor or whatever, time goes by, demo day, no one gets funding, fail, fail, FAIL.

what’s wrong

They tried to copy the Y Combinator model, and by ‘copy’ I mean cargo cult. They performed the outwardly obvious ceremony, but didn’t understand and thus couldn’t replicate the mechanics of cause and effect.

Y Combinator has had impact on the dynamics of startup formation and funding not because of the exact details of a program.  But the details are what cargo culters can see: three months, a dollar figure, weekly sessions, gogogo, demo day… the end , most of the companies dissipate.

To be successful an incubator has to do two things. First, create companies that are actually fundable, second, get them an audience with investors interested and able to fund. That’s it. That’s all. Connect the dots. Success.

create companies that are actually fundable

To accomplish the first, you can look at details like Paul Graham’s judgement of people and ideas, or Brad Feld’s numbers and analysis, or Dave McClure’s hustle and passion. You can look at the program, and the mentors. You can talk about lean startup pivots or vision or whatever. At the end of the day, there is a fairly narrow band in the total spectrum of business opportunities that are venture fundable (though that band still represents infinite opportunities). If through whatever process of filtering, coaching and pivoting, the resulting companies don’t represent an opportunity for plausible venture returns, then by definition those companies will not get funded.

The fundability is also a function of how the opportunity is represented. Raising a round of funding is telling the story of your company to a particular audience. If you can’t connect the right dots for the investors, they probably can’t connect them for you. I literally grimace when I meet founders who have come through these programs and don’t understand how to discuss the addressable market, the go-to market, let alone term sheets. The point is that a company is only as fundable as they are able to tell the story that they are fundable. And that skill is something that many incubators fail to teach. Which is a segue to what has to be in place to accomplish the second: get them an audience with investors interested and able to fund.

the network: the only thing that’s real

The traditional venture model ran on warm introductions. If you have an incubator that can’t make that hand off personally, or get the right audience in the room for demo day, then the value of the program is severely limited. So much, that I’d argue for what you trade in equity for the amount of money, the founders’ time would be better spent reading through Venture Hacks or ‘The Business of Venture Capital‘, and then hustling to social engineer introductions themselves.

As much as anything that’s what the successful incubators are leveraging. YC leverages the personal connections and reputation of Paul Graham et al. Dave McClure is PayPal Mafia. He knows people and more importantly, people know Dave. These programs, through the network of people involved, can make introductions to dozens of individuals who in many cases MUST fund startups. That is a competitive advantage.

out of the ghetto: advice for founders

What can be done?

If you are a founder looking at a program that hasn’t had at least 50% of the previous companies funded, you might reconsider the options. You may have a good experience and learn some things, but there is an opportunity cost. If your life’s mission is really to make something amazing happen with your idea and you have the resources to devote your time to that, then what are you waiting for. If the time spent and the equity traded isn’t going to open more doors for you than just working on the code and angel list, then that program might be a setback, because you’ll just have to do those things anyway and you won’t have the burden of sorting good advice from the bad. You will also inevitably be judged by the quality of companies you stand next too, at least in the context of the program.

If you can go to YC, Techstars or 500 startups, you should. I would. You’ll learn things and get a tiny bit of money, but the connections you make to the network of founders and mentors is what will make all the difference. That’s the fat head of the incubator distribution. I’m sure there are others that add value in the middle, but I want to encourage people to be aware of what you are getting into and for what. In addition to the time and equity commitment, be sure to get more data and weigh the options and benefits.

  • How many companies have been through the program and how many got funded?
  • Who are the mentors in the program and what are their backgrounds?
  • Can you get in contact with people who have been through the program? Especially founders that failed.
  • What are the other options? (for example, building something)

unsolicited advice for the well intentioned incubator

If you run an incubator and your earnest concern is the creation of value, this is my unsolicited advice. (Remember, there’s just two things you need to do, create fundable companies, get them in front of investors.)

  • If your companies aren’t getting funded, take it personally. Look at what your program creates and the relationships that are being built with investors.
  • If no one involved has ever been funded, that’s a problem. If nearly everyone involved hasn’t been funded or is in a position to fund, that’s a problem. Fix it. You have very little hope to create fundable companies otherwise.
  • The companies should be getting as many questions from you as they are answers, probably more… a lot more. Of course, that’s predicated on knowing the right questions to ask.
  • The incubator needs to be building relationships with investors as much or more than any of the companies. If no one running an incubator has or can build those relationships, how can they can help a company build relationships?

There will always be advantages in resources and relationships. That’s how the world works. Understanding that is the first step to gaining those advantages. Hope that helps.

tl;dr if an incubator is run by people who have never run a start up, never successfully pitched venture or haven’t got the cash on hand plus the risk tolerance to make considerable investments, the companies that accomplish anything will be in spite of the program rather than because of it. Some of these incubators appear to be nothing but a hobby for individuals of relatively high net worth, often having had nothing to do with venture investment in the past, to tell their war stories filtered through survivor bias to founders who have to build companies in an environment different from anything their mentors have ever experienced. The resulting bad advice and misguided effort may be a net negative for all involved, the founders and investors.

addendum: After writing this I found this, which could potentially be a useful for collecting and comparing data. There is a link there  to a post and literal dissertation on forming seed accelerator programs and a follow up to that. Jed Christiansen provides a thoughtful treatment of the subject with sound advice, but the primary focus is how to make an incubator appealing to the entrepreneur, while follow on funding is mentioned in passing as a complication. Venture funding is a pull system, there has to be explicit signals to pull and someone to do it. (if you don’t know what a pull system is, see me after class)


January 10, 2012 03:50 PM

January 07, 2012


Aaron Toponce
Encrypted Mutt IMAP/SMTP Passwords

Rather than storing your IMAP and SMTP passwords in plain text on disk, you can store them encrypted using GnuPG, OpenSSL, the GNOME Keyring, or any other method of password storage encryption. It still requires a “master password” from you to decrypt the file(s) on the fly, and set the appropriate passwords, but then it will remain in RAM in plain text for the duration Mutt is running, and no worries about the password in plain text going to disk.

Here’s how I set mine up using my GnuPG key. First, I created a ~/.mutt/passwords file. The file is in plain text. Before encrypting it, here are its contents:

set imap_pass="password"
set smtp_pass="password"

I then encrypt that file with the following command:

% gpg -r your.email@example.com -e ~/.mutt/passwords
% ls ~/.mutt/passwords*
/home/user/.mutt/passwords /home/user/.mutt/passwords.gpg
% shred ~/.mutt/passwords
% rm ~/.mutt/passwords

The last two commands are to ensure that the temporary file you created for encryption is securely wiped from the disk using the GNU Shred utility. Now, you should only have an encrypted binary data file that contains your passwords. All that is left is to configure Mutt to decrypt them when starting up. You can set that easily in your Muttrc:

source "gpg -d ~/.mutt/passwords.gpg |"

The string is just a standard string. Also, it’s important to have “|” at the end of the command, to pipe the output to Mutt, so it can be appropriately sourced.

At this point, you should be able to launch Mutt, be asked for the passphrase for your private GnuPG key, and it should log you in to your IMAP account. You should also be able to send mail as normal, logging automatically into your SMTP account. The only time you are asked for a password, is your GnuPG passphrase when starting Mutt. If your “gpg-agent” is already running, and you’ve configured GnuPG to use the agent and added your private key to it, then starting Mutt won’t ask you for your key passphrase, and will use the agent instead.

Other than temporarily creating the plain text file to encrypt, which stores your passwords, and which you promptly and securely shred later, your IMAP/SMTP passwords for your remote account are never on disk in plain text.

Happy encrypted hacking!

January 07, 2012 03:16 PM