Showing posts from March, 2014

Wireless for the last mile

In cabling parlance, installers talk about the last mile being the last mile of cable that needs to be installed for the end user to receive whatever service they are providing.
Recently Comcast entered into my neighborhood. They've been tunneling, dredging, cabling, and tearing up our local neighborhood. I can't wait for Comcast to enter into service because they are clearly a superior product to the current supplier.
As they are doing this installation, I find myself wondering why they aren't applying a Wi-Fi product or some sort of mesh whereby they would not have to enter or dig as much as they are. There are clearly challenges associated with a Wi-Fi scenario in that there is a single point of failure that affects multiple customers.

RDP and VNC are dead

While ubiquitous bandwidth exists within the enterprise and even the local home network, it does not exist in the wild. While ubiquitous bandwidth was the promise of telco the regulation it never materialized. Even the more recent net neutrality was supposed to support, even in a modest way, the remote virtual desktop experience.
In reality the Internet is not as reliable and does not have the bandwidth that's necessary for continuous virtual desktops to be practical. And of course let's not forget security and privacy.
As proof, one only needs to open a terminal session to a remote computer, even within the same city, let alone the same country, and typically those connections will be lost or chunky as network usage goes up. Telcos are stealing their network based on average or mean network load, not on peak load. One normally sees a rise in latency when the kids come home from school at around 3 o'clock, with a slight dip at dinner time around six, and then picking again around eigh…

Your cruising obligation

If you're traveling on a cruise, you have an obligation to bring alcohol in your suitcase whether or not you will actually consume it yourself. The strategy is pretty simple: by bringing liquor on in your suitcase, you're creating a unit of work for the security team to look for your bags. However, if there is liquor in everyone's bags, there's no way that the security team can keep up with the requests to search bags. Therefore a good number of bags are going to make it through security and into your stateroom.

Monolithic code trees in SCCS or DVCS

I like the Google model of one trunk to rule them all.... until I have to fork the code in order to make a small adjustment for a time app or script. Then I hate waiting 45 minutes for the entire system to checkout. I'm further frustrated by the amount of storage it takes for one of these all-in-one mega-checkouts. Google's answer to the size of the repo is to create a very special filesystem that does pre-checkout staging with symlinks and a bunch of proprietary preprocessing. Who can afford that?

On the other hand, when you create multiple sub-projects with dependencies and so on... then your maintenance costs go up as you try to maintain, back up and manage some sort of real DR plan. The likes of Fossil-SCM fill that gap nicely, but then it still feels manually intensive.

What happens when your business is somewhere in between?

VPS are fun but at a cost

If you're using VPS solutions... unless you can predict your usage and the usage of the other tenants on the same bare metal, then be sure to perform all your processing and computation as soon as possible. There is no point in delaying the processing... if you have to delay any processing that then becomes the equivalent of a heavy batch job, your system contention will change to one where the batch will never have enough or will have sporadic resources and processing profiles. Doing the processing ASAP means that the profile will be flattened, as the intra-transaction gap will be erased by the transactional latency.

If I were building a framework from scratch...

What features need to be implemented from scratch:

- down for maintenance mode screen
- reverse proxy for load balancing, A/B, and green/blue deployment
- REST API layer for all of the business intel.
- Service for Static artifacts
- complete metrics gathering
- DEVOPS console including deploy button
- authentication APIs
- RBAC APIs
- database abstraction or API wrapper
- web sockets
- RPC/SOAP - probably not much different than REST but with a stronger type binding
- http/https - REST - use content-type and accept to specify the format of the logic as state machine
- remove branching in the state machine to keep testing simple
- wrapper for clustered data like Redis or etcd
- configuration as code - no config files.
- feature flags in the code and not in config files
- store the code with the data so there is complete audit
- CI/CD by pulling the code from the database
- take the fossil-scm approach to code, wiki, blog all in one file.
- LDAP baked in
- plugin framework to extend the base language APIs.
- multiple source languages …

A Question About the Practical Use of Twitter Bootstrap

I like Twitter Bootstrap but there are a number of challenges when it comes to being productive. (Forget responsive.) What happens when you spend 6 months building your killer Bootstrap killer app when out of left field there is a new release? Whether it's a patch or a feature release is not the challenge. But what happens when you purchase a template from a vendor and that also needs an upgrade? Can it be as simple as a drop-in replacement? I don't think so.

So when you buy one of those templates from wrapbootstrap you should plan on being in front of your keyboard when they upgrade. The only way this will work well is if there is a loose coupling between your client-side components and the Bootstrap artifacts, and as far as I can tell, that simply does not exist.

REST APIs, versions, and the stratification of error responses

Over the last few years I have been constructing a number of REST-like services. Each time I refine my process and design principles; this time I'm going to address server side errors with a modest sidebar to REST API versions.

I really like the Requests toolkit for Python. The example on the home page makes it clear what we should all aspire to. Let me point out the use of the r.headers['content-type']. A recent article I read suggested that the designed mechanism is putting the version in the path. I suppose this is functional but it causes a number of challenges. The first is that the infrastructure needs to be able to generate relative references and to be aware of the API version numbers, and that it has to be across all APIs. So it's an all-or-nothing approach.

The other approach, which I prefer but is not very Requests friendly, is changing the Accept and Content-Type in the header. Something like this:…

Programming languages that I like enough to install on my laptop

Some time ago I decided that I was not going to install anything on my laptop. First of all, because I always find myself installing countless libraries, so that I can never reproduce the environment accurately enough for a practical CI/CD environment. Secondly, because it also means trying to stay current with the latest versions of the language and/or libraries. Third, there is always a time when versions skew between production and development, meaning that my local machine needs to be able to operate in multiple versions. Finally, rebuilding my laptop after a reinstall or replacement is time-consuming if not impossible.

While there is nothing I can do about the first and second challenges, the others can be handled. There are a number of ways to handle #3. Ruby has RVM, GoLang has GVM, Perl has perlbrew, Python has pythonbrew and virtualenv. There are other options for different languages but these seem to be getting some traction. #4 can be addressed with Chef, Puppet, Salt and a few other…

When is it time to change?

If your company or employer is building a platform based on third-party tools and frameworks, when is the right time to abandon those toolchains for more modern alternatives?
One corollary to this question is how much of the toolchain do you need to own in order to achieve the evolutionary sweet spot where you provide as many choices as needed in order to survive? (This comes from the decomposition of AI game theory, which suggests that most artificial intelligence systems play in a direction where they have more choices.)

Getting mosh to build, deploy and run ... on OpenBSD, Ubuntu, OSX

This was a pain in the ass but I'm glad I went through the process. In addition to my previous observations it also became apparent that Mosh is not running in userspace except on the server side depending on how it was installed on the server.

Installing Mosh on OSX using homebrew seemed to have some subtle side-effects when using fishshell, so I made certain I was using bash. Also, there was a boost package conflict so I had to remove and reinstall it.

About the only good news is that it installed flawlessly except that since it was installed with apt-get it was installed as root. I suppose if I had manually compiled I would have only marginally better results because the installation instructions want a "% make install" which is clearly being installed as root.

Installing Mosh on my OpenBSD 5.3 machine was by far the longest, hardest, and most time-consuming. The biggest flaw appears to be that the installation instructions on the Mosh site missed a number of dependencies and…

Mosh - mobile shell

Mosh version 1.2.4 is out and I'm not sure whether or not it's a new release; however, I did read a recent posting. Two things caught my attention, especially based on previous posts of mine where I criticized Mosh for its claims to be more secure than SSH.
The first change is that the Mosh website now no longer makes the claim that it is more secure than SSH.
The second change is that the website also suggests that because it uses UDP instead of TCP, it is less desirable to use it on production machines.
The only conclusion I can come to is that Mosh is not really a secure alternative to SSH. The certain reality is that if you have to remotely connect to a server, that machine should always be considered production. It does not matter whether or not that machine is actually a development machine. A vulnerability to one machine is tantamount to a vulnerability in all machines. All of the advantages of using UDP are no longer valid if you have to tunnel through a TC…