Using a global lock in Chef

The Story

Our dev team is currently using a Snowflake-like ID generation scheme that looks like this:
snowflake diagram
(Diagram by Elad Rosenhim, architect and companion at Dynamic Yield. See his post about distributed keys and how to survive managing an HBase cluster)

Those familiar with MongoDB might notice this structure ...

more ...

Enhancing Packer Templates with eRuby

The Problem

Packer is a great tool for creating machine images, and I'm using it to create EC2 AMIs.
My issue with it is that Packer is using JSON for input, and JSON is very inflexible. For instance, you can't:

  • Write comments (there was an issue open for ...
more ...


Running Inline DSL in ChefSpec

The Problem

I have a pet Chef cookbook in charge of managing SELinux policies in Linux machines (Take a look).
Until today I got along fine without testing, because the cookbook barely had any logic to be tested. The only test I had (contributed by someone) just made sure the ...

more ...

Generating known_hosts file using Chef

The Story

This post relates to my previous post. I was trying to create a script to amend my known_hosts file (where SSH keeps fingerprints of all of the servers it connected to in the past, to prevent MitM attacks) with SSH keys collected by Chef. This benefits me in ...

more ...

Merging known_hosts files

The Story

Some time ago, some colleague rebuilt several servers and reused their names (think sql1,sql2 etc).
Obviously the new servers had different SSH server keys than the old ones, so my known_hosts file was out of date.
I considered manually removing the old key fingerprints, but decided that ...

more ...

Migrating Graphite's Dashboards

I just made a small script to migrate dashboards between two graphite servers.
Couldn't find a similar one anywhere, so I thought I'd upload it.
Note it's using http for its HTTP calls. It looks real nice.

old_server='http://old.server.com:1234'
new_server='http://better.server ...
more ...

Using RPMBuild - My Shortlist

The Story

I was trying to tinker with Abrt, a daemon in charge of collecting and diagnosing various crashes in RHEL (more on that in a different post).
Because the crash hook is written in C (it was designed to be really quick), I couldn't use my usual method ...

more ...

Sending HBase metrics to Graphite using Python

The story

Although HBase is a crucial component in our current stack, the monitoring for it was quite incomplete. We only had general "is it running?" monitoring, with some very application-specific tests ("make sure scanning this table doesn't take too long").
By sending detailed metrics on our HBase tables ...

more ...

Preparing Certificate files for Nginx

The Story

When installing SSL certificates for nginx, assuming you're using certificate hierarchy (and not a self-signed ceritificate), you're required to concatenate all of the certificate files (*.crt) to a single file, starting from your site's certificate up to the root certificate.
Today I got this bundle ...

more ...