dannyman.toldme.com


Linux, Technical, Technology

Windows 10

Link: https://dannyman.toldme.com/2016/01/02/windows-10/

The other day I figured to browse Best Buy. I spied a 15″ Toshiba laptop, the kind that can pivot the screen 180 degrees into a tablet. With a full sized keyboard. And a 4k screen. And 12GB of RAM. For $1,000. The catch? A non-SSD 1TB hard drive and stock graphics. And … Windows 10.

But it appealed to me because I’ve been thinking I want a computer I can use on the couch. My home workstation is very nice, a desktop with a 4k screen, but it is very much a workstation. Especially because of the 4k screen it is poorly suited to sitting back and browsing … so, I went home, thought on it over dinner, then drove back to the store and bought a toy. (Oh boy! Oh boy!!)

Every few years I flirt with Microsoft stuff — trying to prove that despite the fact I’m a Unix guy I still have an open mind. I almost usually throw up my hands in exasperation after a few weeks. The only time I ever sort of appreciated Microsoft was around the Windows XP days, it was a pretty decent OS managing folders full of pictures. A lot nicer than OS X, anyway.

This time, out of the gate, Windows 10 was a dog. The non-SSD hard drive slowed things down a great deal. Once I got up and running though, it isn’t bad. It took a little getting used to the sluggishness — a combination of my adapting to the trackpad mouse thing and I swear that under load the Windows UI is less responsive than what I’m used to. The 4k stuff works reasonably well … a lot of apps are just transparently pixel-doubled, which isn’t always pretty but it beats squinting. I can flip the thing around into a landscape tablet — which is kind of nice, though, given its size, a bit awkward — for reading. I can tap the screen or pinch around to zoom text. The UI, so far, is back to the good old Windows-and-Icons stuff old-timers like me are used to.

Mind you, I haven’t tried anything as nutty as setting up OpenVPN to auto-launch on user login. Trying to make that happen for one of my users at work on Windows 8 left me twitchy for weeks afterward.

Anyway, a little bit of time will tell .. I have until January 15 to make a return. The use case is web browsing, maybe some gaming, and sorting photos which are synced via Dropbox. This will likely do the trick. As a little bonus, McAfee anti-virus is paid for for the first year!

I did try Ubuntu, though. Despite UEFI and all the secure boot crud, Ubuntu 15.10 managed the install like it was nothing, re-sizing the hard drive and all. No driver issues … touchscreen even worked. Nice! Normally, I hate Unity, but it is okay for a casual computing environment. Unlike Windows 10, though, I can’t three-finger-swipe-up to show all the windows. Windows+W will do that but really … and I couldn’t figure out how to get “middle mouse button” working on the track pad. For me, probably 70% of why I like Unix as an interface is the ease of copy-paste.

But things got really dark when I tried to try KDE and XFCE. Installing either kubuntu-desktop or xubuntu-desktop actually made the computer unusable. The first had a weird package conflict that caused X to just not display at all. I had to boot into safe mode and manually remove the kubuntu dependencies. The XFCE was slightly less traumatic: it just broke all the window managers in weird ways until I again figured out how to manually remove the dependencies.

It is just as easy to pull up a Terminal on Windows 10 or Ubuntu … you hit Start and type “term” but Windows 10 doesn’t come with an SSH client, which is all I really ask. From what I can tell, my old friend PuTTY is still the State of the Art. It is like the 1990s never died.

Ah, and out of the gate, Windows 10 allows you multiple desktops. Looks similar to Mac. I haven’t really played with it but it is a heartening sign.

And the Toshiba is nice. If I return it I think I’ll look for something with a matte screen and maybe actual buttons around the track pad so that if I do Unix it up, I can middle-click. Oh, and maybe an SSD and nicer graphics … but you can always upgrade the hard drive after the fact. I prefer matte screens, and being a touch screen means this thing hoovers up fingerprints faster than you can say chamois.

Maybe I’ll try FreeBSD on the Linux partition. See how a very old friend fares on this new toy. :)

Feedback Welcome


Quotes, Sundry

Tommyisms

Link: https://dannyman.toldme.com/2016/01/08/tommyisms/

Last night:
Dad: “Was the pizza good, Tommy?”
Tommy: “No! It was super duper good!”

This morning:
Tommy: “Daddy, go away with your cool dog shirt.”

Feedback Welcome


About Me, Amtrak, Biography, California, Testimonials, Travels, USA

40

Link: https://dannyman.toldme.com/2016/01/19/40/

Today marks the completion of the 40th trip of this body around the local star. A momentous milestone for the resident being. I spent the weekend with my wife and son, riding the train down to Santa Barbara and back, a pretty little beach town where we visited the zoo and ate ice cream together.

Most likely, I’ll be around another 40 years, or more, but really: who knows? Every day I wake up with my health and my loved ones is a blessing.

The trip has been good. Tommy did pretty well, and the scenery along the way has had a lot of that intense emerald green the dry parts of California get after some good winter rains. The view along the coast near Santa Barbara is worth the long train ride.

I am grateful to be alive. I am grateful for my family. I am grateful for my friends. I am grateful for my job and ability to earn a living. I am grateful to be living at what honestly seems to be a very promising time in the history of our species. Life will not always be so great for this being, and in time, my life will end. I am grateful for the time I have had, and the time I have yet, and that I get to experience a little part of our collective adventure.

Feedback Welcome


About Me, Biography, News and Reaction, Politics, Testimonials

Protesting Protests

Link: https://dannyman.toldme.com/2016/01/20/protesting-protests/

Yesterday, on Martin Luther King Junior Day, a national holiday, Black Lives Matter protesters briefly shut down the San Francisco Bay Bridge in one direction. I smiled at that. A traffic snarl on a holiday commemorating a great activist caused by today’s ambitious activists: what is not to love?

But today on the drive in they were discussing it on Forum and people kept calling in to complain about how yeah sure they support black people and they think it is okay to protest but not, heck forbid, if it is disruptive. “Who do these people think they are? They’re not going to win me over with tactics like that!”

"Hooray for Our Side"

“Hooray for Our Side”

Dan Brekke, also of KQED, posted a piece with some historical perspective, and recounted how his Uncle Bill Hogan, once a Catholic Priest, had participated in a very similar protest in Chicago, blocking a highway into the city, on a Tuesday, May 9, 1972. He remarked that the Vietnam War ultimately ended, but that the protest in question was only one of very very many.

I got to thinking of the first time I ever engaged in a protest. Just a few days over twenty five years ago, on January 16, 1991. To quote an article by Charles Leroux in The Chicago Tribune:

“Cara Brigandi, 16, a junior at Lincoln Park High School, said she led a movement of Lincoln Park students to walk out of school and protest. Organizers gave students their marching orders when they came to school Tuesday morning. Fliers were passed out urging students to leave classes about 10 a.m. That effort mushroomed into a march down North Avenue to Lake Shore Drive and then to the Loop. Along the way, Lincoln Park students say they picked up students from the Latin School of Chicago, and William Jones Metropolitan High School. By about 12:30, approximately 200 students were in front of City Hall.”

I remember getting the flyer at the school door. I remember that moment when the time came and every student had to ask themselves whether they were going to stick with class or step outside. I remember looking out the window to see a growing crowd inviting us to join them and then the moment I decided to join other teenage kids running down the stairs to break a first taboo. After some cheering and whatnot, the crowd headed down the street. The cops managed to break the crowd in two, with the folks in the back returning to school. Those of us toward the front were soon walking through a Chicago winter day down a highway on-ramp and on to Lake Shore Drive: two lanes of students, one more lane of police cars, buffering us, and another lane of mid-morning traffic squeezing by, many cheering us on.

“Hell no, we won’t go,” the protesters chanted. And: “One, two, three, four, we don’t want your (bleeping) war. Five, six, seven, eight, we will not cooperate.” Among the crowd were many non-students who had protested the Vietnam War. With that war, “it took years before there was this kind of protest,” said Lester McNeely, 37, of Oak Park, a member of the West Side Peace Coalition.

The next day, we started to bomb Iraq.

Back to the present day … Dan Brekke suggests that one objective of protest is to get people arguing, and a comment on the Forum discussion cites Dr King himself:

I must confess that over the last few years I have been gravely disappointed with the white moderate. I have almost reached the regrettable conclusion that the Negro’s great stumbling block in the stride toward freedom is not the White Citizen’s Council-er or the Ku Klux Klanner, but the white moderate who is more devoted to “order” than to justice; who prefers a negative peace which is the absence of tension to a positive peace which is the presence of justice; who constantly says “I agree with you in the goal you seek, but I can’t agree with your methods of direct action;” who paternalistically feels he can set the timetable for another man’s freedom; who lives by the myth of time and who constantly advises the Negro to wait until a “more convenient season.”

Shallow understanding from people of goodwill is more frustrating than absolute misunderstanding from people of ill will. Lukewarm acceptance is much more bewildering than outright rejection.”

I’ve come a long way from being a chanting high school kid walking down LSD … I own a house in the suburbs!? I guess I’m in a place where I can suggest to others of my social class that there is a time for order, but there is also a time for action, however messy, disorganized, inchoate, and perhaps even self-defeating.

If it is Martin Luther King Day, and your trip across the Bay Bridge from the Chocolate City of Oakland into the Liberal Mecca of San Francisco gets delayed by people who are angry about cops murdering black kids, well, I would suggest that whether you agree with the protest or not, this is a perfect time to roll down the window, raise your fist in the air, and express your opinion.

Feedback Welcome


News and Reaction, Politics, Testimonials

Why Young Liberals Feel the Bern

Link: https://dannyman.toldme.com/2016/01/29/why-i-feel-the-bern/

I was watching Larry Wilmore and the panel asked itself why are young liberals not excited about Hillary Clinton, and they jumped straight to the thesis that the cause is sexism. I know that there is no shortage of hatred against Hillary rooted in sexism, but for young liberals, I don’t think that this is what is turning them on to Sanders. I think that if there is a prejudice at play, it is against going back to the past.

Many of us who can remember the 90s remember it as a pretty good time, (as long as you weren’t big on equal rights for gays) especially in contrast to the George W years. Sure, the Republicans hated everything about the Democratic president but at least that could be rationalized by his obvious moral shortcoming. Younger liberals don’t remember those years. They came of age under a president whose political credentials were rooted entirely in his relationship to a 90s president. That was a train wreck. Eight years ago, we considered Hillary Clinton but decided that whatever nostalgia we felt for the 90s was trumped by an inexperienced Black Guy with a funny name. Say what? Its like progressives were less than eager to embrace the past.

And you see how that works out. Like Clinton, the Right hates Obama. Alas, Obama’s greatest moral failing is that he enjoys an occasional cigarette, so the Right is left to invent moral failings: he’s Muslim! he’s foreign! he’s Socialist! He’s … whatever … meanwhile the Left is trying to figure out the degree to which the Right hates Obama because they’re just plain old racist or do they simply hate any Democratic President?

Anyway, you look at your options: Hillary would be a perfectly competent President, like Bill was. Sure, the Right will hate her but she’s been dealing with that bullshit longer than most of us have been alive. That she hasn’t been crushed by hate and still seems somewhat human is a testament to her strength of character, and sheer, pragmatic, calculating ambition and political savvy. She’ll know how to work a hostile Congress to eek out incremental progress, much as Obama has.

Or, if they’re going to hate your president anyway, why settle for a pragmatic, shrewd centrist who will eek out incremental progress when you could just vote your Socialist ideals and send the Right wing our own tough New Yorker who says out loud what we’re all thinking anyway: that the banks are too big, that the rich get away with murder, and that Socialism is not an evil bogey man that will hand victory to the USSR.

bernie-no-bullshit

And … I for one remember the 1990s … I don’t remember Clinton actually achieving anything. Healthcare reform went down in flames. Gays could be allowed in the military as long as they kept it in the closet. We deregulated the banks while sticking the evil Welfare Moms with red tape. We really didn’t move the ball forward much … if at all. When we later swooned for Barack “Hope and Dreams” Obama, we got some health care reform, women now serve in combat, and gay people can get married in all fifty states. Sure, we haven’t closed Guantanamo Bay, and there are still some troops in Iraq and Afghanistan, but Osama bin Laden is dead and we aren’t fighting any new wars. Not bad for voting for the unlikely young guy who had more rhetoric and possibility to offer than the Clinton option.

So, yeah, when it comes down to another Clinton administration versus taking a chance on Idealism, a lot of us figure voting for an Angry Old Brooklyn Jewish Socialist could be the better option.

Feedback Welcome


Linux, Technical

Tech Tip: Self-Documenting Config Files

Link: https://dannyman.toldme.com/2016/02/09/tech-tip-self-documenting-config-files/

One of my personal “best practices” is to leave myself and my colleagues hints as to how to get the job done. Plenty of folks may be aware that they need to edit /etc/exports to add a client to an NFS server. I would guess that the filename and convention is decades old, but who among us, even the full-time Unix guy, recalls that you then need to reload the nfs-kernel-server process?

For example:

0-11:04 djh@fs0 ~$ head -7 /etc/exports
# /etc/exports: the access control list for filesystems which may be exported
#               to NFS clients.  See exports(5).
#
# ***** HINT: After you edit this file, do: *****
#       sudo service nfs-kernel-server reload
# ***** HINT: run the command on the previous line! *****
#

Feedback Welcome


News and Reaction, Politics

Bernie Sanders vs Henry Kissinger

Link: https://dannyman.toldme.com/2016/02/13/bernie-sanders-vs-henry-kissinger/

I finally caught a Democratic Debate last night, thanks to a gracious wife who helped our son to bed. I’m a Sanders guy, I send him $25/mo. I recently read that he’s the only candidate who pays his interns, which I like for several reasons: economic opportunity for young folks, which our country needs, and my hunch is that someone getting the opportunity to earn a paycheck is going to have a little more earnestness than a more privileged kid who is taking the job to build a resume. Even more, it puts a price on one’s commitment: time is at a premium for me, but my $25/mo should cover two hours of intern labor. I feel a connection …

At the debate, I was a little disappointed in Bernie. Ask him a question, ask for details, and he’d pivot to any one of several talking points about how we need to regulate the banks, shut down the prisons, hand out tuition … he is an idealist but he is still a politician.

Presidential Debate Summary: mostly partisan, indecipherable yelling and screaming from a hangry toddler of undeclared political alignment.

— Danny Howard (@dannyman) October 14, 2015

Oh no wait that was an earlier debate. Here’s my summary:

Debate Summary: Hillary loves Obama, helped kill Osama, says Bernie hates Obama. Bernie days he hates Kissinger, we shouldn't bomb Cambodia.

— Danny Howard (@dannyman) February 12, 2016

Hillary, I like her fine enough. She had to go ahead and congratulate herself for being in the Situation Room to get Osama killed. Who wouldn’t brag about that one? Then near the end she tried to paint Bernie as a guy who is all busy hating on Obama. Bernie had a good retort that is was Hillary who ran against him in 2008.

The weirdest part was when Bernie started going off about Henry Kissinger. The gist of it is that the man is a war criminal and pals with Clinton. Maybe he could goad her into defending a war criminal? She handled that deftly: she’ll take advice from anyone. I’m no Kissinger fan but that was one of several times when Bernie’s focus seemed more on the mid-20th century than the present day. I appreciate historical perspective, but I worry about the guy coming off as stuck in the past.

I found a good explanation on the Kissinger thing here at “The Intercept”. The gist of it is that yes, Kissinger is an impressively heinous character and a friend of Hillary Clinton, and that there is a larger issue, that Left or Right, there’s a little cabal of hawkish Neocon-leaning foreign policy advisors that make up the Washington Foreign Policy Establishment. Bernie has been dinged for not articulating his vision for foreign policy, but when he lights up on Kissinger, he’s using Kissinger as the bellwether poster child for the Foreign Policy Establishment. He’s essentially saying what he says on a lot of stuff: we can do better.

Dr Henry Kissinger

Dr Henry Kissinger

For what it is worth, here’s what Google responds to the query sanders foreign policy:

The test of a great and powerful nation is not how many wars it can engage in, but how it can resolve international conflicts in a peaceful manner. I will move away from a policy of unilateral military action and regime change, and toward a policy of emphasizing diplomacy, and ensuring the decision to go to war is a last resort.

“Diplomacy. Less war.”

Huh. How about clinton foreign policy:

As secretary of state, I worked to restore America’s leadership in the world. As president, defending our values and keeping us safe will be my top priority. That includes maintaining a cutting-edge military, strengthening our alliances, cultivating new partners, standing up to aggressors, defeating ISIS, and enforcing the Iran nuclear agreement.

“Keep us safe! More military! Defeat ISIS and watch our for Iran!”

Can I get some establishment consensus? Maybe jeb foreign policy:

Obama’s disengagement has contributed to growing threats to our national security, including radical Islamic terrorism, Iranian aggression, an emboldened Putin, and an assertive China. Adversaries do not fear us and allies do not trust us. I will rebuild America’s military, restore our credibility and leadership, and repair our broken alliances.

“Muslims! Iran! Russia! China! More military!”

It would seem that this isn’t about Bernie being stuck in the 20th Century. Bernie’s beef is that Washington is stuck in the late 20th Century. The same advice that got us in bed with the Shah of Iran, that stoked the revolution there, is the same advice that got us mired in Vietnam and armed Al Qaeda, is the same advice that later got us mired in Iraq, and it is this same advice that is likely to bite us in the future.

I think one could debate the merits of interventionism versus the blowback and unintended consequences. Okay, Kissinger is a bad guy: I get it. Bernie, what should we do different and how do you honestly figure it will play out? Americans are not naturally fond of interventionism, but it seems to have worked well enough for us most days. Most days, it is foreigners who pay the price. Foreigners … and our soldiers. In Vietnam it was The Draft and it seems that everyone in my parents’ generation carries some subtle emotional scar from that. Foreigners, soldiers, conscripts … on 9/11 it was office workers, police and firefighters. But we don’t talk about 9/11 as blowback for interventionism.

I don’t know the specifics, but one has to figure there could be some better ideas about how a powerful nation can lead the world toward the better, while shedding less blood. I click back to Google, and scroll through statement after statement from Sanders that sounds sane, rational and level-headed to me. A pastiche:

Indeed, Sanders said, “I supported the use of force in Afghanistan to hunt down the terrorists who attacked us.”

Sanders said the war with the terror organization, which released videos this week that threatened attacks in Washington and New York, “must be done primarily by Muslim nations with the strong support of their global partners.”

“The war against ISIS, a brutal and dangerous organization, cannot be won unless the Muslim nations which are most threatened — Saudi Arabia, Kuwait, Qatar, Turkey, Iran and Jordan — become fully engaged, including the use of ground troops,” Sanders said.

“It must be destroyed not just by the United States of America alone. In many respects, what ISIS wants is a clash of civilizations,” Sanders said.

“With the third largest military budget in the world and an army far larger than ISIS, the Saudi government must accept its full responsibility for stability in their own region of the world,” he added

But, Sanders added: “I oppose, at this point, a unilateral American no-fly zone in Syria, which could get us more deeply involved in that horrible civil war and lead to a never-ending U.S. entanglement in that region.”

“I fear very much that supporting questionable groups in Syria who will be outnumbered and outgunned by both ISIS and the Assad regime could open the door to the United States once again being dragged back into the quagmire of long-term military engagement,” he said.

In a later tweet, Sanders insisted, “We will not destroy ISIS by undermining the Constitution and our religious freedoms.”

From what I can see, Bernie articulates what sounds to me some reasonable ideas about foreign policy. Nations have to take care of their own regional problems. We should help out. But we can’t win what isn’t really our fight.

What does Clinton have on offer?

To support troops from Iraq and around the region, the U.S. should “immediately deploy the special operations force President Obama has already authorized and be prepared to deploy more as more Syrians get into the fight,” Clinton said.

On ABC, Clinton said: “We have to fight in the air, fight on the ground and fight them on the Internet. We have to do everything we can with our friends and partners around the world. That’s what we’ll hear from the president, to intensify the current strategy.”

Yet Clinton cynically told corporate executives at a 2011 State Department roundtable on investment opportunities in Iraq, “It’s time for the United States to start thinking of Iraq as a business opportunity.”

Oh Google, your algorithms seem to have a Socialist bias. At any rate, I feel better about where my sympathies lie.

Feedback Welcome


Technical

Load Balancer Config: when “Not Authorized” means “Yes”

Link: https://dannyman.toldme.com/2016/02/25/http-auth-ssl-load-balancer-401/

I wanted to share a clever load balancer config strategy I accidentally discovered. The use case is you want to make a web service available to clients on the Internet. Two things you’ll need are:

1) an authentication mechanism
2) encrypted transport (HTTPS)

You can wrap authentication around an arbitrary web app with HTTP auth. Easy and done.

For encrypted transport of web traffic, I now love sslmate is the greatest thing since sliced bread. Why?

1) Inexpensive SSL certs.
2) You order / install the certs from a command line.
3) They feed you the conf you probably need for your software.
4) Then you can put the auto-renew in cron.

So, for example, an nginx set up to answer on port 443, handle the SSL connection, do http auth, then proxy over to the actual service, running on port 12345:

server {
    listen 443;
    server_name example.com;
    location / {
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   Host      $http_host;
        proxy_pass         http://127.0.0.1:12345;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        auth_basic "Restricted";                    #For Basic Auth
        auth_basic_user_file /etc/nginx/.htpasswd;  #For Basic Auth
    }
    # Sample config from https://sslmate.com/help/buy
    ssl on;
    ssl_certificate_key /etc/sslmate/example.com.key;
    ssl_certificate /etc/sslmate/example.com.chained.crt;
    # Recommended security settings from https://wiki.mozilla.org/Security/Server_Side_TLS
    # &c.
}

The clever load balancer config? The health check is to hit the server(s) in the pool, request / via HTTPS, and expect a 401 response. The load balancer doesn’t know the application password, so if you don’t let it in, you must be doing something right. If someone mucks with the server configuration and disables HTTP AUTH, then the load-balancer will get 200 on its health checks, regard success as an error, and “fail safe” by taking the server out of the pool, thus preventing people from accessing the site without a password.

Tell the load balancer that success is not an acceptable outcome

Tell the load balancer that success is not an acceptable outcome

Feedback Welcome


Technical, Technology

Technology Journey Back in Time

Link: https://dannyman.toldme.com/2016/03/24/technology-journey-back-in-time/

It started when Tom Limoncelli shared a link to teens reacting to Windows 95.

In my mind, what is most unfortunate about that setup, is they did not get to experience Dial Up Networking via a modem. I think they would have been truly blown away. Alas, the Internet contains wonders, like this guy getting a 50 year old modem to work:

What could be more amazing than that?  How about this guy, with a 50 year old modem and a teletype, browsing the first web site via the first web browser, by means of a punch tape bookmark?

You’re welcome, nerds!

Feedback Welcome


Technical

Divine the “Changelog” From Git

Link: https://dannyman.toldme.com/2016/04/12/divine-the-changelog-from-git/

I am having a tricky time with Ganeti, and the mailing list is not proving helpful. One factor is that I have two different versions in play. How does one divine the differences between these versions?

Git to the rescue! Along these lines:

git clone git://git.ganeti.org/ganeti.git # Clone the repo ...
cd ganeti
git branch -a                             # See what branches we have
git ls-remote --tags                      # See what tags we have
git checkout tags/v2.12.4                 # Check out the "old" branch/tag
git diff tags/v2.12.6                     # Diff "old" vs "new" branch/tag
# OH WAIT, IT IS EVEN EASIER THAN THIS! (Thanks, candlerb!)
# You don't hack to check out a branch, just do this:
git diff v2.12.4 v2.12.6                  # Diff "old" vs "new"

And now I see the “diff” between 2.12.4 and 2.12.6, and the changes seem relevant to my issue.

Feedback Welcome


Linux, News and Reaction, Technology

Ubuntu 16.04 Reactions

Link: https://dannyman.toldme.com/2016/04/21/ubuntu-16-04-reactions/

Xerus: an African ground squirrel.

Xerus: an African ground squirrel. CC: Wikipedia

I have misplaced my coffee mug. I’m glad to hear Ubuntu 16.04 LTS is out. “Codenamed ‘Xenial Xerus'” because computer people don’t already come off as a bunch of space cadets. Anyway, an under-caffeinated curmudgeon’s take:

The Linux kernel has been updated to the 4.4.6 longterm maintenance
release, with the addition of ZFS-on-Linux, a combination of a volume
manager and filesystem which enables efficient snapshots, copy-on-write
cloning, continuous integrity checking against data corruption, automatic
filesystem repair, and data compression.

Ah, ZFS! The last word in filesystems! How very exciting that after a mere decade we have stable support for it on Linux.

There’s a mention of the desktop: updates to LibreOffice and “stability improvements to Unity.” I’m not going to take that bait. No sir.

Ubuntu Server 16.04 LTS includes the Mitaka release of OpenStack, along
with the new 2.0 versions of Juju, LXD, and MAAS to save devops teams
time and headache when deploying distributed applications – whether on
private clouds, public clouds, or on developer laptops.

I honestly don’t know what these do, but my hunch is that they have their own overhead of time and headache. Fortunately, I have semi-automated network install of servers, Ganeti to manage VMs, and Ansible to automate admin stuff, so I can sit on the sidelines for now and hope that by the time I need it, Openstack is mature enough that I can reap its advantages with minimal investment.

Aside: My position on containers is the same position I have on Openstack, though I’m wondering if the containers thing may blow over before full maturity. Every few years some folks get excited about the possibility of reinventing their incumbent systems management paradigms with jails, burn a bunch of time blowing their own minds, then get frustrated with the limitations and go back to the old ways. We’ll see.

Anyway, Ubuntu keeps delivering:

Ubuntu 16.04 LTS introduces a new application format, the ‘snap’, which
can be installed alongside traditional deb packages. These two packaging
formats live quite comfortably next to one another and enable Ubuntu to
maintain its existing processes for development and updates.

YES YES YES YES YES YES YES OH snap OH MY LERD YES IF THERE IS ONE THING WE DESPERATELY NEED IT IS YET ANOTHER WAY TO MANAGE PACKAGES I AM TOTALLY SURE THESE TWO PACKAGING FORMATS WILL LIVE QUITE COMFORTABLY TOGETHER next to the CPANs and the CRANs and the PIPs and the … don’t even ask how the R packages work …

Further research reveals that they’ve replaced Python 2 with Python 3. No mention of that in the email announcement. I’m totally sure this will not yield any weird problems.

Feedback Welcome


Politics, Sundry, Sunnyvale

Notes on Maude Bicycle Lane in Sunnyvale

Link: https://dannyman.toldme.com/2016/05/17/notes-on-maude-bicycle-lane-in-sunnyvale/

In 2006, Sunnyvale applied for funding to add bicycle lanes on Maude Ave from Mathilda to Fair Oaks.

Maude is a two-lane road with a center turn lane. It serves as a main thoroughfare for the immediate neighborhood: residential, commercial, and Bishop Elementary. It also serves through traffic. It is very congested at peak. In the past three years there have been a few dozen accidents: mainly between vehicles, 3 involving pedestrians, 1 involving a cyclist.

W Maude Ave

W Maude Ave: filling in a gap in Sunnyvale’s bicycle network

In March 2016, a community meeting was held at Bishop school. Three main alternatives were proposed:
Option 1: remove parking along Maude, replace it with 5′ bike lanes with 3′ buffers
Option 2: retain parking, remove left-turn lanes, add bicycle lanes between driving and parking lanes
Option 3: do nothing except add some signs and paint sharrows on the street

At the community meeting, many residents from the SNAIL neighborhood to the North took turns berating the city for any number of reasons. There was a lot of upset that Maude is already congested and that people might park in front of their homes. There was a “voting” board and the community poll came out something like:
Option 1: 35%
Option 2: 15%
Option 3: 50%

Sunnyvale Staff recommend Option 1: improve bicycle infrastructure but avoid increased congestion.

On April 21, 2016, the Sunnyvale Bicycle Pedestrian Advisory Committee (BPAC) reviewed the proposal. Some observations from BPAC:

Further detail desired regarding the causes of vehicle collisions along the corridor — details were not included in the present study.

Project should extend the last half block between Fair Oaks and Wolfe Road — staff remarked that this was an oversight on the original grant request, but that this could be included for future improvement projects to the bicycle infrastructure on Fair Oaks or Wolfe.

Drivers might park in buffered lanes.

If left turn lanes are removed, drivers might use the bicycle lane to pass vehicles waiting for turn.

Maude has many driveways, and it is safer for bicyclists further from the curb, where they are more visible to drivers utilizing driveways.

Traffic impact analysis will be performed subsequent to the city selecting a preferred alternative, thus no traffic impact studies have been performed to distinguish the current proposals.

1 mile between Mathilda and Fair Oaks 10 intersections 1 grammar school 3 pedestrian crosswalks

1 mile between Mathilda and Fair Oaks
10 intersections
1 grammar school
3 pedestrian crosswalks

Community feedback:

I spoke first. I live adjacent to Bishop school:
I remarked on the lack of pedestrian crosswalks, asked the City to look at adding more as part of the project.
I noted the advantages of using the parking as a buffer lane for cyclists: route bike lanes at the curb.
I thanked BPAC for noting the desirability of an extension to Wolfe.
One gentleman who used to live in the neighborhood spoke in support of bike lanes.
One gentlemen from SNAIL explained his opposition to bike lanes, due to present low bicycle traffic.
One lady from Lowlanders spoke in support of a bike lane:
Leaning toward Option 2
Asked if there had been any Spanish-language outreach, as this is the population occupying the rental housing and attending Bishop who would be most impacted by the project, especially removal of parking.

BPAC made a motion to:
Support Option 1, per staff recommendation
Request 6′ bicycle lanes with 2′ buffer
Request project extension to Wolfe Road
Request inclusion of additional crosswalks

The motion passed with two dissenting votes. The chair, who lives on Murphy, stated his objections:
Removal of parking would adversely impact the neighborhood
Removal of left turn lanes would inconvenience drivers, and thereby discourage through traffic

City Council will review the plan May 17, 2016.

Feedback Welcome


Ansible, Linux, Technical

Ansible: Copy Agent Keys to Remote Servers

Link: https://dannyman.toldme.com/2016/07/01/ansible-use-ssh-add-to-set-authorized_key/

Background: you use SSH and ssh-agent and you can get a list of keys you presently have “ready to fire” via:

djh@djh-MBP:~/devops$ ssh-add -l
4096 SHA256:JtmLhsoPoSfBsFnrIsZc6XNScJ3ofghvpYmhYGRWwsU .ssh/id_ssh (RSA)

Aaaand, you want to set up passwordless SSH for the remote hosts in your Ansible. There are lots of examples that involve file lookups for blah blah blah dot pub but why not just get a list from the agent?

A playbook:

- hosts: all
  gather_facts: no
  tasks:
    - name: Get my SSH public keys
      local_action: shell ssh-add -L
      register: ssh_keys

    - name: List my SSH public keys
      debug: msg="{{ ssh_keys.stdout }}"

    - name: Install my SSH public keys on Remote Servers
      authorized_key: user={{lookup('env', 'USER')}} key="{{item}}"
      with_items: "{{ ssh_keys.stdout }}"

This is roughly based on a Stack Overflow answer.

The two tricky bits are:
1) Running a local_action to get a list of SSH keys.
2) Doing with_items to iterate if there are multiple keys.

A bonus tricky bit:
3) You may need to install sshpass if you do not already have key access to the remote servers. Last I knew, the brew command on Mac OS will balk at you for trying to install this.

Feedback Welcome


Excerpts, News and Reaction, Politics

. . . Convincing?

Link: https://dannyman.toldme.com/2016/07/18/sanders-endorses-clinton/

A “challenge” posted to Facebook:

clinton

A moment of thought and I realized the challenge was easy, and heartening. This speech has been given before:

“Hillary Clinton understands that we must fix an economy in America that is rigged and that sends almost all new wealth and income to the top one percent. Hillary Clinton understands that if someone in America works 40 hours a week, that person should not be living in poverty.

She believes that we should raise the minimum wage to a living wage. And she wants to create millions of new jobs by rebuilding our crumbling infrastructure. – our roads, bridges, water systems and wastewater plants.

This election is about which candidate will nominate Supreme Court justices who are prepared to overturn the disastrous Citizens United decision which allows billionaires to buy elections and undermine our democracy; about who will appoint new justices on the Supreme Court who will defend a woman’s right to choose, the rights of the LGBT community, workers’ rights, the needs of minorities and immigrants, and the government’s ability to protect the environment.

This campaign is about moving the United States toward universal health care and reducing the number of people who are uninsured or under-insured. Hillary Clinton wants to see that all Americans have the right to choose a public option in their health care exchange, which will lower the cost of health care.

She also believes that anyone 55 years or older should be able to opt in to Medicare and she wants to see millions more Americans gain access to primary health care, dental care, mental health counseling and low-cost prescription drugs through a major expansion of community health centers throughout this country.

Hillary is committed to seeing thousands of young doctors, nurses, psychologists, dentists and other medical professionals practice in underserved areas as we follow through on President Obama’s idea of tripling funding for the National Health Service Corps.

In New Hampshire, in Vermont and across the country we have a major epidemic of opiate and heroin addiction. People are dying every day from overdoses. Hillary Clinton understands that if we are serious about addressing this crisis we need major changes in the way we deliver mental health treatment. That’s what expanding community health centers will do and that is what getting medical personnel into the areas we need them most will do.

Hillary Clinton also understands that millions of seniors, disabled vets and others are struggling with the outrageously high cost of prescription drugs. She and I are in agreement that Medicare must negotiate drug prices with the pharmaceutical industry and that we must expand the use of generic medicine.

Drug companies should not be making billions in profits while one in five Americans are unable to afford the medicine they need. The greed of the drug companies must end.

This election is about the grotesque level of income and wealth inequality that currently exists, the worst it has been since 1928. Hillary Clinton knows that something is very wrong when the very rich become richer while many others are working longer hours for lower wages.

She knows that it is absurd that middle-class Americans are paying an effective tax rate higher than hedge fund millionaires, and that there are corporations in this country making billions in profit while they pay no federal income taxes in a given year because of loopholes their lobbyists created.

This election is about the thousands of young people I have met who have left college deeply in debt, the many others who cannot afford to go to college and the need for this country to have the best educated workforce in the world if we are to compete effectively in a highly competitive global economy.

Hillary Clinton believes that we must substantially lower student debt, and that we must make public colleges and universities tuition free for the middle class and working families of this country. This is a major initiative that will revolutionize higher education in this country and improve the lives of millions.

Think of what it will mean when every child in this country, regardless of the income of their family, knows that if they study hard and do well in school – yes, they will be able to get a college education and leave school without debt.

This election is about climate change, the greatest environmental crisis facing our planet, and the need to leave this world in a way that is healthy and habitable for our kids and future generations. Hillary Clinton is listening to the scientists who tell us that if we do not act boldly in the very near future there will be more drought, more floods, more acidification of the oceans, more rising sea levels.

She understands that we must work with countries around the world in transforming our energy system away from fossil fuels and into energy efficiency and sustainable energy – and that when we do that we can create a whole lot of good paying jobs.

This election is about the leadership we need to pass comprehensive immigration reform and repair a broken criminal justice system. It’s about making sure that young people in this country are in good schools or at good jobs, not in jail cells. Secretary Clinton understands that we don’t need to have more people in jail than any other country on earth, at an expense of $80 billion a year.”

Bernie Sanders

All I did was remove the few paragraphs where the T-word was mentioned.

Feedback Welcome


Technical, Technology, Testimonials, WordPress

Testimonial: SSLMate

Link: https://dannyman.toldme.com/2016/07/19/testimonial-sslmate/

I recently started using sslmate to manage SSL certificates. SSL is one of those complicated things you deal with rarely so it has historically been a pain in the neck.

But sslmate makes it all easy … you install the sslmate command and can generate, sign, and install certificates from the command-line. You then have to check your email when getting a signed cert to verify … and you’re good.

The certificates auto-renew annually, assuming you click the email. I did this for an important cert yesterday. Another thing you do (sslmate walks you through all these details) is set up a cron.

This morning at 6:25am the cron got run on our servers … with minimal intervention (I had to click a confirmation link on an email yesterday) our web servers are now running on renewed certs …. one less pain in the neck.

So … next time you have to deal with SSL I would say “go to sslmate.com and follow the instructions and you’ll be in a happy place.”

Feedback Welcome

Newer Stuff »
Arrr! . . . Avast!
Site Archive