Posts
Consul Prometheus and Puppet
Recently I’ve been playing around with Prometheus. For now I think it is the best open source solution for monitoring (in the same way that chlamydia is probably the best STD). Previously I was a fan of Sensu, but honestly there are just too many moving parts to go wrong with Sensu, which meant they inevitably did.
So, why do I like Prometheus? Basically, it stays pretty close to the UNIX philosophy of doing one thing and doing it well - basically it is just a time-series database.
read morePosts
Playing with Docker Swarm Mode
The big announcement of the recent DockerCon was 1.12 integrating Swarm. As far the as the ecosystem goes that is quite a game changer, but I will not be dwelling on that. I am just going to regurgitate what others have said and add a few bit of my own.
I am going to build a simple cluster that looks like this:
What we have here is 2 nodes running Centos 7 which run Docker 1.
read morePosts
Spiuk Z16R
I seem to be writing more about cycling than anything else at the moment. I even have some more posts lined up on the subject, but there are few IT related ones coming too.
Anyway, I just got these the the other day to replace my old Scotts that had served through a hard Brittany winter. I got them because I read they were incredibly comfortable.
They are pretty standard fair for their RRP of €145.
read morePosts
Open Source and Cycling
I love both Open Source and Cycling, but the 2 do not ofen meet. In fact the cycling industry is incredibly secretive and dominated by patents. It is one of the major reasons that it is very hard to enter the groupset market (for roadies there are 3 major brands, for MTBers only 2). SRAM recently completely changed the way derailleur shifting worked with their new eTap electronic groupset, basically to work around Shimano’s patent library.
read morePosts
Letsencrypt with Apache and Puppet
Using Puppet to manage Letsencrypt certs and Apache VirtualHosts
read morePosts
I just Fixed the pro-peloton disc brake problem
There has been boo-hoo-hooing the last few days about an injury sustained by Francisco Ventoso at Paris-Roubaix.
Yes that spongey looking bit is his bone. It is seriously nasty and the UCI have re-banned disc brakes as a result.
However, the fact is that disc brakes are a lot better than rim brakes. Rim brakes suck - especially in the wet. On carbon rims they suck even more even in the dry.
read morePosts
If you are affected by DROWN you are an idiot
Drown is the latest vulnerability in OpenSSL. Essentially it allows an attacker to decrypt your TLS session and get data out of that session.
The thing is, it is based on a vulnerability in SSLv2! Here lies my problem with this: SSLv2 has been known to be insecure for 20 years. Not only that, but SSLv3 also and even TLS1.0 (effectively SSLv4).
The number of clients requiring even support for TLS1.
read morePosts
Using EYAML with Puppet 4
Happy 2016 all
This weekend I finally got round to adding eyaml support to Puppet in my lab. What is on earth am I talking about?
Puppet can use a thing called Hiera as a data source, think of it as a database for configuraion. In an ideal world, your manifests will be completely generic - in fact your control repo could consist of nothing but a Puppetfile with a list of modules to install (if any one lives in that ideal world, you are better than me).
read morePosts
Got some new cycling gear
I've been shopping! I've recently bought myself a new pair of pair of bib tights (for the full Dave Lee Roth effect) and a new jersey. More specifically I've bought DHB Vaeon Roubaix padded tights and a DHB Windslam jersey.
DHB is the house brand of online cycle megastore Wiggle. Wiggle are based in Portsmouth, which is where I studied, lived for 10 years, met my wife and where both my children were born.
read morePosts
How I Classify Puppet Nodes
The basics of defining what modules get applied to a particular node is really simple in Puppet. Out of the box you just use the hostname and the FQDN and everyone is happy. You find this everywhere in documentation, blog posts, presentations, etc. However is has a problem: scale.
What if you have an elastic infrastructure with nodes being created and destroyed automatically? What if you want to use the same manifests in different environment, but use different hostnames?
read more