How to Enable ptrace in Docker 1.10

This is just a quick blog post about something I got working this morning. Docker currently adds some security to running containers by wrapping the containers in both AppArmor (or presumably SELinux on RedHat systems) and seccomp eBPF based syscall filters. This is awesome and turning either or both off is not recommended. Security is a good thing and learning to live with it will make you have a better time.

Posted Fri, Mar 18, 2016

When I Planned on Moving to Australia

Many of you do not know that I was born on the Gulf Coast of Mississippi. I lived there, with a brief intermission in Oconomowoc, Wisconsin, until I moved to Texas to go to college. That first year of school is rife with good memories; but there was a dark spot. Specifcally, Hurricane Katrina. Katrina was a big deal. To this day there are houses that are just gone, with nothing but a slab and a lot of weeds in their place.

Posted Sat, Mar 12, 2016

Weirdest Interview So Far

This is a pretty good story and I want you all to hear it. When I was graduating from college I interviewed with three companies. Two of them (MTSI and Rockwell Collins) offered me jobs. The other one, Empire Systems Inc., did not. So Empire Systems Inc. was founded by a couple LeTourneau (my alma mater) alumni. I didn’t know the two of them myself, but we did overlap, by a year or two.

Posted Sun, Mar 6, 2016

Migrating My Blog from Linode to CloudFront

Motivations I have just completed the process of migrating my blog to CloudFront. There are a few reasons for this. Initially I had planned to migrate everything on my Linode to OVH, which has DDoS mitigation and I think even uptime SLAs. The reasoning behind that was the Linode kept getting DDoS’ed and I was sick of it. Additionally, in January I went to SCALE14x and Eric Hammond (who was introduced to me by Andrew Grangaard) pointed out that by using the current generation of AWS tooling (Lambda, DynamoDB, etc) you can reduce total cost to less than the minimum pricing on a Linode.

Posted Sat, Feb 20, 2016

UCSPI

While CGI is a fairly well established, if aging, protocol, UCSPI seems fairly obscure. I suspect that UCSPI may see a resurgence as finally with systemd projects will have a reason to support running in such a mode. But here I go, burying the lede. CGI Refresher Just as a way of illustrating by example, I think that I should explain (hopefully only by way of reminder) how CGI works. Basically a server (usually Apache, IIS, or lately, nginx) waits for a client to connect, and when it does, it parses the request and all of the request headers.

Posted Wed, Feb 10, 2016

Rust

I’ve really enjoyed writing Rust, lately. I posted yesterday about what I’m doing with it. In the meantime here are some immediate reactions to writing Rust: Documentation The documentation is pretty good. It could be better, like if every single method had an example included, but it could be a lot worse. And the fact that a lot (though not all for some reason) of the documentation has links to the related source is really handy.

Posted Tue, Feb 9, 2016

Announcing cgid

This post is an announcement of cgid. Over the past week I developed a small UCSPI based single-file CGI server. The usage is very simple, due to the nature of the tool. Here’s a quick example of how I use it: #!/bin/nosh tcp-socket-listen 127.0.0.1 6000 tcp-socket-accept --no-delay cgid www/cgi-bin/my-cgi-script If you don’t know anything about UCSPI, this will look like nonsense to you. I have a post that I’ll publish later this week about UCSPI, so you can wait for that, or you can search for it and find lots of documents about it already.

Posted Mon, Feb 8, 2016

Handy Rust Macros

I’ve been writing some Rust lately and have been surprised at the dearth of examples that show up when I search for what seems obvious. Anyway, I wrote a couple macros that I’ve found very handy. The first seems like it should almost be core: macro_rules! warn { ($fmt:expr) => ((writeln!(io::stderr(), $fmt)).unwrap()); ($fmt:expr, $($arg:tt)*) => ((writeln!(io::stderr(), $fmt, $($arg)*)).unwrap()); } // Examples: warn!("This goes to standard error"); warn!("Connected to host: {}", hostname); This allows you to trivially write to standard error, and it panics if it fails to write to standard error.

Posted Sat, Feb 6, 2016

Checking sudoers with visudo in SaltStack

At work we are migrating our server deployment setup to use SaltStack. One of the things we do at deploy time is generate a sudoers file, but as one of our engineers found out, if you do not verify the contents of the sudoers file before deploying it you will be in a world of hurt. Salt actually has a pretty good built in tool for this, but it’s very poorly documented.

Posted Thu, Jan 14, 2016

Pong for Pico-8

I originally wrote this for the Pico-8 Fanzine but it was sadly not accepted. I still had a lot of fun writing in a totally different style than usual. Imagine the following has been printed out, scanned, and reprinted maybe five times. Pico-8 is a “fantasy console.” It’s a reimagined 8-bit console sorta like the Commadore 64 but with Lua as the primary language instead of BASIC. It’s very fun to play with and I think anyone interested in making games would do well to get it, even if it’s nothing like real life games.

Posted Wed, Dec 23, 2015

Farewell, CPAN Contest

In August I write about being tired of The CPAN Contest. I decided recently that once I hit 200 releases I’d stop and put my efforts elsewhere. I am not giving up on CPAN or Perl; but I do not think timeboxed releases are best for individuals. Though I am very pleased to be able to write, test, and document a new CPAN module over the course of a couple hours.

Posted Wed, Dec 16, 2015

PID Namespaces in Linux

One of the tools I wrote shortly after joining ZipRecruiter is for managing a Selenium test harness. It’s interesting because there are a lot of constraints related to total capacity of the host, desired speed of the test suite, and desired correctness of the codebase. Anyway one of the major issues that I found was if I stopped a test prematurely (with Ctrl-C, which sends a SIGINT) I’d end up with a bunch of orphaned workers.

Posted Wed, Nov 25, 2015

Dream On Dreamer

I can’t speak for others, but I was pretty inspired as a teenager. What I’d do is read random stuff throughout the week, then listen to some kind of music or watch a movie on Friday, and do my best to stay up all night and use what I’d learned to make something new. For the most part, as a teenager, I failed. As with most teenagers, I was pretty much worthless.

Posted Sat, Nov 21, 2015

How I Integrated my blink(1) with PulseAudio

At work I wear some noise cancelling ear buds. I do this because just twenty feet behind me there is a one hundred person sales team who sometimes claps, ring gongs, and is just generally loud. I also like to work to music and it helps me focus. My other coworkers all use large headphones, so they are used to being able to see at a glance if a given individual is listening to music.

Posted Tue, Nov 17, 2015

Fast CLI Tools: gmail

I have been using commandline tools to interact email for quite a while now. Basically there were two reasons: I wanted to use GnuPG gmail’s web interface became too slow The former should be obvious; attempting to have secure communications in the context of a web browser is laughable. The latter often surprises people. I think that if you pay a little more attention you’ll notice that gmail is clearly slower than local options.

Posted Sun, Nov 1, 2015

The Bad, The Good, and The Cloud

The Bad This weekend I was working on a little project that involved manipulating a fairly large (1.8 gB compressed, 17 gB uncompressed) 7zip archive. I don’t have 17 gB to uncompress to on my laptop and a significant amount of the archive was uninteresting to me. I thought it would be sortav fun and worthwhile to remove the files that are not needed, so I ran a man 7zr and started reading.

Posted Mon, Sep 7, 2015

The Chains of Get-It-Done

It’s 2AM. My wife and infant son are in bed. He’s teething so most of the interaction I have with her involves yelling over him and tense enjoyment of brief respites gifted by small cold things. I’m awake for two reasons. The first is that I enjoy the time I get alone. I tend to take advantage of this time by programming, watching film, or playing video games. Tonight I was especially excited because I got the PICO-8 fanzine and a bunch of new information regarding Linux Tracing was just published.

Posted Sat, Aug 22, 2015

CPAN Patch Workflow II

A couple of weeks ago I wrote an article about my CPAN Patch Workflow, but mentioned that I couldn’t use it with older projects that do not use Github for patches. This was due to my git configuration being subtly different from Yanick’s. Basically when I was running git send-email, I was being prompted for some input, notably the password to send email, as well as a confirmation dialog. I spent a few hours writing up some patches to Git::CPAN::Patch and resolved all of the issues I was running into, and the changes were released the other day!

Posted Tue, Aug 11, 2015

Perl ❤ Kickstarter

Today my boss, knowing that I am interested in weird modern cooking, sent me a link to the Imperial Spherificator, which lets you make whatever kind of caviar you want, like mint or coffee liqueur or Tabasco. I want to make some Worcestershire and soy sauce! Anyway, when he showed it to me there were no available “VERY EARLY BIRD” (or other limited variants) left. But to him there was one available, which is crazy because higher levels had been paid for.

Posted Mon, Aug 3, 2015

CPAN Patch workflow

I just wanted to write up a quick note on my workflow for CPAN patches, because I’m so pleased with it. I use three tools: Git::CPAN::Patch git-hub fugitive.vim When I first see a module that needs some love, like today I saw that Gazelle needed some POD reformatting, first I clone it (using Git::CPAN::Patch): git cpan clone Gazelle Then I fork it, so that I can make a pull request (using git-hub), make a branch, and set it up to track my fork.

Posted Thu, Jul 30, 2015

Index Hints in MySQL with DBIx::Class

I started at ZipRecruiter nearly two weeks ago and I finally feel like I’m finding my stride. It’s nice! Anyway, this post is mostly because I am positive that a lot of people need this and it’s difficult to make into an actual component. Sometimes in life one finds oneself using a “database” called MySQL. In order to make this “database” perform, one must sometimes hint at which indices to use or not use.

Posted Wed, Jun 24, 2015

AWS: Not just a place to run your VMs

I’m on my way out at Micro Technology Services, Inc.. Because of that my current boss has wisely taken me out of the loop of normal day-to-day programming so that my replacement can get plenty of experience before I’m truly “on vacation” as we say. With that in mind I’ve been tasked with stuff that will be interesting to me, valuable to the company, but if something goes sideways it won’t be a big deal if it never ever happens at all.

Posted Sat, May 23, 2015

Converting from SQL Server to Postgres

One of the things that I’ve been working towards for a long time at my current job (which I’m on the way out of) is to have the project work 100% on Linux. The main thing holding it back from that is that it depends on SQL Server. Now of course DBD::ODBC runs on Linux and even nowadays Microsoft distributes their Native Client for Linux. But our project is turnkey and runs on one physical machine, so the database is included.

Posted Tue, May 5, 2015

Haxxed

This has been a pretty big week for me; On Tuesday we listed our house to be sold! On Wednesday night I got what I thought was indigestion, and on Thursday had an appendectomy! Just today, Saturday, I think we have sold the house (pending all required legal grace periods of course.) This all pales in comparison to the really big news this week: this server got hacked. Saturday morning I noticd that Freenode was blocking my IRC client because I was on some blocklist (DroneBL, to be specific.) I looked into it briefly with mst’s help.

Posted Sat, May 2, 2015

Announcing DBIx::Class::Candy::ResultSet

Hello all! I just released DBIx::Class::Candy 0.003000, which comes with DBIx::Class::Candy::ResultSet. This should completely resolve the issues I mentioned in my previous post. This is how I use it: package Lynx::SMS::Schema::Candy::ResultSet; use strict; use warnings; use parent 'DBIx::Class::Candy::ResultSet'; sub base { 'Lynx::SMS::Schema::ResultSet' } 1; package Lynx::SMS::Schema::ResultSet::MessageChild; use Lynx::SMS::Schema::Candy::ResultSet; ... 1; If anyone runs into any issues let me know. Sorry that perl didn’t use c3 from day one!

Posted Tue, Apr 14, 2015

MRO's and you; how the distinction between C3 and DFS changed my life

Recently I fixed DBIx::Class::Helpers so that each helper would have a base class. This is actually something that ribasushi had been sorta hounding me to do for years but I could never figure out the case where it mattered. The reason I finally made the change was because a user ran into an issue that fixing the base class actually resolved. Unfortunately I neither documented what it was nor wrote a test.

Posted Tue, Apr 14, 2015

Docker Simplifications: Bugtowne City

I have a fairly complex docker container that I run on all of my machines. I would like to simplify it in a number of ways and for some reason I decided that it would be interesting to start on that project last night. The simplifications that I want to do are as follows: Have all three daemons log to /proc/1/fd/1; this would remove one of my volumes and let me view logs with just docker logs offlineimap Start docker with docker run ...

Posted Fri, Apr 3, 2015

Faster DBIC Schemata

Last week I did a talk for the Milwaukee Perl Mongers and this week I did it again for the Los Angeles Perl Mongers. I will do it one more time for DFW Perl Mongers soon, hopefully, if only to get the best version recorded. In the talk somehow near the end I discussed with Steve Nolte how to make a large DBIC schema faster. The best way to solve this is to make Core DBIC lazy load it’s results, but that has historically been hard to get working.

Posted Fri, Mar 27, 2015

Fear and Loathing in SQL-92

Like the tortoise I’ve been slowly but surely working on getting our application working on both SQL Server 2005+ and Postgres 9.4+. The latter is a new addition, hence the “latest and greatest” version. For the most part I’ve been surprised at how easy it has been. Both servers support using " as the identifier quote, which is all that I have to change in the majority of queries. For some dumb reason (there is a real reason, but it is dumb) most things use [, ] for the quotes in SQL Server.

Posted Wed, Mar 4, 2015

DBIx::Class::Helper::ResultSet::Errors

This is just a quick post to update you all on a nice new helper. Recently at my work we hired a new programmer and I’ve been showing him the ropes. I noticed him running into the age old confusion of treating a ResultSet like a Result, so I took note and decided to make a helper to give specific error messages when the user makes that mistake. If you plan on hiring new people ever, or you are a mere human yourself, why not add DBIx::Class::Helper::ResultSet::Errors to your base ResultSet?

Posted Fri, Feb 20, 2015

Configuration Station

We’ve all dealt with and implemented configuration systems. I’ve set up a few different kinds over time. I think the very first was something like the following: package MyApp::Util; use strict; use warnings; use JSON; our @DBI_PARAMS = do { open my $fh, '<', "C:/inetpub/myapp.json" or die "couldn't open myapp.json: $!"; @{decode_json(<$fh>)} }; ... 1; It certainly leaves a lot to be desired! At the minimum it at least gave us something better than hardcoded settings, but that’s almost all it gave us.

Posted Thu, Feb 19, 2015

OfflineIMAP Docker

This needs to be a short one as I don’t have a lot of time to write this, but I just wanted to quickly put out some thoughts about one of the more complex Docker setups I’ve made in the past few days. I use offlineimap to sync my mail to all of my local computers. I find that it paired with notmuch is both faster and better at search than vanilla Gmail, plus at some point I’d like to cut the cord with Gmail entirely.

Posted Fri, Feb 6, 2015

Docker: First Impressions

Today I deployed my first Docker based application. I just wanted to get down some basic thoughts about how it went down etc. Nearly all the hosted (ie not turnkey) apps that we have at work have some form of git-based deployment strategy. (Aside: Don’t say something silly to yourself like “git is not a deployment strategy!” It totally is, you just don’t like the tradeoffs.) Each one has it’s own special snowflake of push vs.

Posted Wed, Jan 28, 2015

Asynchronous Musings

Recently at work I’ve been working on our first section of code that is purely asynchronous. It’s pretty exciting! As I’ve discussed before, we’re using IO::Async, which has first class support for Futures. Futures are sorta kinda a way to express callbacks. They aren’t quite as powerful, but they can do nearly everything callbacks can do. (Specifically Futures represent a single action, not a stream of actions like callbacks can.) Anyway, with a Future you have to either put the object somewhere, or do a weird self closure thing.

Posted Thu, Jan 22, 2015

MORE MORE MORE: 2015 Edition

This is a three part post, but it’s supposed to be short, so lets get to it! Part I: Shorter Blog Posts I like to blog, but my posts tend to get really long and involved, because I sorta like to think from first principles and build up and tend to teach that way also. It’s generally not great; my documentation usually has something to be desired after I’m done. I think I’m a pretty good communicator, but I need to be better at succinctly and also clearly documenting.

Posted Sat, Jan 17, 2015

NSIS Sucks

This is the first article of a series on Windows Installers. (Note from the future: I have happily been able to abandon Windows professionally, so there will almost surely be no more of these.) I wrote an installer for work using Nullsoft Installer System (aka NSIS) about 18 months ago. (To be completely honest I wrote most of it but my coworker has to take a good portion of the credit for finishing it all the way.) It works pretty well, but mostly that’s because it just automates what we did before (extract, run a bunch of perl scripts, done.) As with many kinds of automation, I found that you cannot leave the way you came.

Posted Thu, Oct 2, 2014

How to replace your CyanogenMod Kernel for Fun and Profit

I’ve recently been on a journey of discovery with respect to “observability” tools. I’m sure many other Linux users have felt the lust after DTrace that first the relatively obscure Solaris (and kids) and now the totally non-obscure OSX users have. After watching various presentations about DTrace features I’ve kept my ear open for features that are similar on Linux. Last month I posted about strace and sysdig. Both strace and sysdig are pretty coarse compared to what can be done with DTrace, though both are pretty great.

Posted Thu, Aug 28, 2014

Concurrency and Asynchrony in Perl

Lately I’ve been in situations where I need to write some event driven, parallel code. Most people call that “async” and I’ll stick to that for now. What I’ve been doing is writing a little TCP service that can accept any number of clients at the same time (though typically only one) and interact with the clients in a single process and with no multithreading. As surely many have remarked before, this is to some extent the future of computing.

Posted Tue, Jul 29, 2014

DBIx::Class: Parameterized Relationships

Probably once a week in the DBIx::Class channel someone asks if there is a way to pass arguments to a relationship. There is an answer but it isn’t pretty or for the faint of heart, so I finally have decided that I should write up a post detailing how to do it and nicely hide it from the user. For what it’s worth there are plans to make a first class API for this, and the following code is a workaround.

Posted Tue, Jul 22, 2014

A Gentle TLS Intro for Perlers

At work we’ve recently been audited for security by one of our customers and one of the takeaways was that we need to encrypt more things. Specifically all things. This lead me on a journey of discovery. In this post I’ll give some basic sample code on how to set up and debug a server using TLS, as well as some basic info on TLS itself. TLS? TLS is what most people think of as SSL.

Posted Thu, Jul 17, 2014

A Few of My Favorite Tools

strace Recently I’ve started branching out some in my debugging style. In the past it was usually adding print statements, reading docs carefully, reading logs, etc. I still mostly add print statements when I’m debugging my own code, but when trying to figure out why some random program isn’t working, instead of reading docs I go straight to strace. If you don’t already know, strace traces system calls, so it effectively gets between the program and the kernel and lists all the system calls being made.

Posted Mon, Jul 7, 2014

Use Travis (and more)

At YAPC last week vanstyn was complaining about the fact that there is so much “assumed knowledge” in Perl. One of the examples he gave was TravisCI. There are a few tools that go with Travis that every Perler should know about. First off, use Travis! Step one is to enable it for your repo at https://travis-ci.org/profile/$username. After that add a text file to your repo with the name .travis.yml with the following content: language: perl perl: - "5.18" - "5.16" - "5.14" - "5.12" - "5.10" - "5.8" install: - export RELEASE_TESTING=1 AUTOMATED_TESTING=1 AUTHOR_TESTING=1 HARNESS_OPTIONS=c HARNESS_TIMER=1 - cpanm --quiet --notest --installdeps .

Posted Sun, Jun 29, 2014

You're Awesome YAPC!

I just got back from this year’s YAPC::NA and boy did I have a good time! I’m trying to just get it down before I get back into the groove of regular life, so don’t expect poetry (like those of us who where in rjbs’ talk were treated to during technical difficulties.) First off, this year I took Rik’s advice from his !!con blog and decided to just walk up to random people and talk to them.

Posted Thu, Jun 26, 2014

Static Site Comments?

A week ago I blogged about how I ditched WordPress for Hugo. One of the (at least temorary) casualties to that conversion was the loss of comments. I did export the comments for later inclusion into the site somehow, but I have yet to see an option I can live with for hosting them. Here I’ll discuss the two obvious options. Disqus My original plan was to start using Disqus immediately.

Posted Tue, Mar 25, 2014

F# has Handy GC

As mentioned previously I was recently learning about F#, a neat mostly functional language for the .NET vm. One of the things I was really impressed with was that it allows the user to take advantage of timely destructors. I was under the impression that except for reference counted GC (perl, cpython, and I think C++) timely destructors were impossible and that the user is instead required to close their filehandles, database handles, or whatever other cleanup they need to do, within a finally block.

Posted Thu, Mar 20, 2014

F# has Weird OO

A little while back I was learning about F#. For the most part F# is a cool language. It’s based on ML and is an impure functional language. Here is how you can do some things with F#: Define a function: foo a b = a + b Call that function: let x = foo 1 2 There is a lot more, like currying, powerful type inference, etc. But I was learning F# because at work we were integrating with a .NET SDK and I am not super interested in writing C#.

Posted Mon, Mar 17, 2014

New Blog Engine: Hugo

Nearly a year ago I started to sour on WordPress, the blog engine I’ve been using since 2007. I have thought for a long time that a plaintext based system would be better, easier to manage, and that I could do more remotely (ie offline) with such a system. At the time I looked around and the best option I saw was ikiwiki. For what it’s worth, as with pretty much any blog engine it can be themed to be pretty, and it has a ton of plugins, and hey, it’s written in perl, so I could hack on it if need be.

Posted Sat, Mar 15, 2014

Announcing ::Helper::ResultSet::DateMethods1

I have had this ready to go for a few days now, but I figured I might as well wait for Mardi Gras; so feel free to celebrate, put on a masque, and enjoy a nice Hurricane Cocktail while you read this. A little over three years ago I got inspired while on vacation to Crested Butte, CO and started a branch in DBIC called merely, “date-ops.” The idea was to allow users to call various date functions, portably, directly in DBIC.

Posted Tue, Mar 4, 2014

Game Review: The Swapper

A friend recently mentioned an idea of a club where you play the games you get in the humble bundle and then talk about it afterwards. Kinda a solution to the whole problem where you get a bunch of games from steam sales, humble indie bundles, or just plain excess but then never play them. I decided to do it with some friends at work who already play games anyway. The goal isn’t to write an essay, but merely write a brief review, especially if the game sucked.

Posted Sun, Mar 2, 2014

Use Docker to test your code! (and a subtle announcement)

Lately I’ve been working on code to unify disparate SQL into a small set of abstractions. There is a lot to do, and while testing generated SQL is nice, actually running that SQL and examining the results is the best way to test the code. In the past I would have installed a bunch of database engines locally. More recently I’dve used Travis to test against a bunch of databases. I still think that’s a good idea, but pushing to CI to test your code sucks.

Posted Sat, Feb 22, 2014