kubernetes quickstart

kubernetes and docker In this post, I’ll be deploying a docker cluster running a number of nginx containers. Bare with me though as I am still learning about kubernetes and docker. Machines The master node will be controlling the worker nodes. Deployments will not run on the master node itself. From my experience, at least 1.5Gi of memory is needed for these machines. k8s-ms | k8s-wk1 | k8s-wk2…

Read More


Brought to my attention by a friend, I gave ipfs a try and here is what I did to get started:

The file is stored locally under the blocks directory:

Once a file is added to ipfs, it cannot be deleted. References: https://ipfs.io/docs/commands/

Read More

Take LVM snapshot before ubuntu upgrade

Ubuntu upgrade can be a challenge Ubuntu 18 is coming up in a few months. I started using Ubuntu on my machine since version 9.10 and it has gone through 8 upgrades. I’m running 17.10 now. If memory serves me right, my system crashed 2-3 times during these upgrades. In fact, those were the only downtime I have on this machine. In the early days, upgrade isn’t very mature IMO.…

Read More

Trade security with performance

The recent CPU flaw caused quite a mess. Most recent linux kernels have the problems patched, but what if I am willing to trade security for performance? I’ll need to compile my own kernel and here is how to do that on Ubuntu 17.

First, we need to make oldconfig. Basically copy the kernel compile config from Ubuntu and decide whether new features should be enabled

Here I…

Read More

Why the hack?

Why attacking and hacking – proof of concept – causes service interruption – utilize compromised systems to attack other targets – steal compute power – build zombie network – ransome – attention seeking – personal reasons How does it happen – Webhack exploiting vulnerable apps or scripts – SQL injection – Overflow boundaries – Brutish password hack – Social hacking – Affected by compromised neighbors particularly in muti-tenant environments –…

Read More

Meltdown and Spectre CVE-2017-5715

Numerous posts and announcements have been made available in past 48 hours[1]. I don’t want to embarrass myself trying to describe what they’re about. Here I want to measure the performance penalty for the kernel patch. Kernel update has been made available on CentOS 7 (3.10.0-693.11.6.el7), roughly 12 hours behind Redhat. Here is a quick test of mysql sysbench on a small instance on aliyun, AWS, and Azure. No impact…

Read More

Using list and lookup in terraform HCL

Terraform delivers consistent build and save a lot of time from clicking and scrolling. But when the resources, in this case ec2 resources are slightly different, it may be necessary to create a tf config for every instance. That defeats the purpose of automation. By storing the differences in a list and use the lookup function to extract the values, I’m able to write the following tf config with little…

Read More


Switched to aliyun international today. It’s incredibly fast compared to DigitalOcean in the same region. Monthly charge is reduced by almost 50% [1] Blazing fast Compared to what I previous used, network performance exceeds my expectation. My DO vm was in the same region. Very often I had to wait 3-10 seconds for my blog to load. After moving to aliyun, the site loads in under a second. Sorry but…

Read More