Docker + AWS = Small headache …but everything is going in the right direction.

Today I had a pleasure to participate in AWS Summit 2015 in Berlin. Because of the ongoing hype with regards to Docker and not-so-long-ago-announced ECS service I was considering talking with AWS Architects about those two as one of my main objectives. There was also a session about automation of docker deployments inside a ECS which gave me quite nice overview of capabilities. So….

My thoughts after the event are:

In general ECS is nice, it gives you quite decent flexibility of fleet management, fits well with deploy/upgrade pipeline, has a quite broad autoscaling capabilities and everything would be perfect except theres’s one small detail which destroys this nice picture.

Currently you need to define fixed ports which are exposed on docker and host. Thinking about docker upgrade on one instance, either you use different ports for publishing exposed ones or you shutdown old container and start a new one in place of old. When you use ELB this leads to a situation where 0 downtime deployments are not available, because in the first scenario there will be downtime between ELB discovering the node and deciding on it’s health after changing ports, and in the second scenario there’s a downtime caused by lack of any container running. Of course I’ve a manually triggered deployment in mind.

ECS is using the second option to roll deployments. This means that service will stop the old container and in that place will start a new one.

So at least for now, until ELB does not support dynamic port allocation in ECS (hopefully it will change soon enough) it’s better to go with a 1 docker : 1 ec2  instance workflow with standard ELB connected autoscaling groups.

Docker + AWS = Small headache …but everything is going in the right direction.

Mentoring GGC Workshop at PyCon 2015

A quick brief about my adventure in the world of mentoring.

This one was HUGE for me….

First of all because it was a workshop designed to teach people programming in Python and Django.

Second I’m not a programmer.

Third it was in english

And last but not least my teaching and mentoring skills are below level of 0.

I’ve asked for beginning programmers without any knowledge of Python/Django.

I thought that if I’m very basic it will be easier to teach beginners…

So I was assigned to a group of 2 awesome girls: Alice and Raiona and we started our many hour walk over GGC tutorial.

Alice, me and Raiona @ PyCon 2015

Thanks for everything girls. I owe you big! *Your worst mentor ever!*

Lessons learned:

–  Mentoring beginners is much more challenging than expected.

– Knowing something doesn’t mean you can explain it to anyone. Especially in foreign language.

– Your mentoring skills are a resultant value of your language knowledge, your knowledge of the subject and interpersonal skills.

– Drop your expectations to become best mentor ever. it’s not going to happen soon.

– Be in the team as much as possible and leave space for your mentees to grow.

– Don’t do “Follow the tutorial and ask in case of questions”. You will get “sheeps” copy & pasting commands from the tutorial to their text editors and Terminal.app without any additional questions.

– No matter what you think it’s all about your mentees and sometimes you just have to spent several hours only on explaining  loops over and over again and how to use them to iterate over several lists.

Mentoring GGC Workshop at PyCon 2015

broken encrypted DMGs

It’s funny…

You make a full disk backup to encrypted dmg on external volume. You’re doing system upgrade using a clean installation, and then you try to bring your data back from the DMG you just did and you see a cheerful message:

“Unable to mount, no mountable filesystem”

You have checked before if the disk image will mount and everything was fine. Your first thought is…. bummer.

What you can do is to try to attach the volume from Terminal.app

hdiutil attach -ignorebadchecksums -stdinpass -nomount -noverify your_image.dmg

and then you can use some recovery software (e.g. like Data Rescue) to restore available files.

broken encrypted DMGs

Mac OS X Lion vs JavaWS

After upgrading Java with Java for OS X 2013-0002 suddenly I lost ability to manage our Cisco ASA Firewall via ASDM.

Mrman told me, that I need to download and install two packages

JavaDeveloper for 10.7 [dropbox.com]

Apple Java Revert [dropbox.com]

After installation in fact I had working Java environment 1.6.0_35 but JavaWS still was a no go.

After googling a bit for the next error:

Can not find message file: No such file or directory

I’ve found #1 and #2.

the ultimate solution to the JavaWS canundrum is to remove  JavaWS minimum version string from the XProtect.meta.plist with

sudo /usr/libexec/PlistBuddy -c "Delete :JavaWebComponentVersionMinimum" /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist
Mac OS X Lion vs JavaWS

OSX Updates vs Unsupported SSD vs Trim

About a year ago I’ve upgraded harddrive in my MacBook to SSD. This is one hell of an upgrade and you can belive it or not it’s one of the most important ones you should perform.

This upgrade is not so pain less as it looks like and after every system upgrade (Security Upgrades, Version updates, etc) you should check if Trim is enabled and active.

I use Trim Enabler. It has a easy to use GUI interface which tells you if it’s activeImage

But when you can’t or don’t want to install any software you can perform 4 commands that do the magic.

Before proceeding further down the spiral (;-)) we need to do backup of the file. It can be helpfull if something will go wrong:

sudo cp /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage /IOAHCIBlockStorage.original

Patch the file to enable TRIM support:

sudo perl -pi -e 's|(\x52\x6F\x74\x61\x74\x69\x6F\x6E\x61\x6C\x00).{9}(\x00\x51)|$1\x00\x00\x00\x00\x00\x00\x00\x00\x00$2|sg' /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage

Clear the kext caches:

sudo kextcache -system-prelinked-kernel

sudo kextcache -system-caches

And finally reboot your system
OSX Updates vs Unsupported SSD vs Trim