I’m a huge fan of cassandra, I’ve been playing with it since 0.7 and I’ve never stopped using it since then. Mostly because it just works, all the time.
I was very happy when it went, with CQL, from a key-value store to a well structured database (looking like a relationnal one), because we were pretty much always doing the same kind of collections management code. With CQL, this not so interesting part of development can be dropped and we can focus on other stuff. If you used or still do this kind of code yourself, you might be interested in how cassandra new collections organize their data internally (because guess what, it’s still a simple key-value store).
- Thrift to CQL3 : Introduction
- CQL3 for cassandra experts :
- Understanding how CQL3 maps to cassandra internal data structure.
Now that you get how the data is organized internally, it’s worth noting that you can’t the collection elements timestamp (called writetime in CQL). “SELECT map['value'] FROM table;” doesn’t exist (not CQL compatible), so “SELECT writetime( map['value'] ) FROM table;” won’t either unfortunately.
I’m very interested by everything around internet of things technologies (M2M). And the components I like to follow closely are the distributed databases which allow to make timeseries without single point of failures like cassandra and hbase and the message broker like RabbitMQ and ZeroMQ.
This little video isn’t really about ZeroMQ, it’s more about how build a community around a project. Personal creativity is great thing, we can all experience it some way or an other. Creating in a team gives you some new perspectives on how you can make better things (and, usually, be a better person). But creating as part of a community of people you don’t known and share your ideas/experiments/knownledges/insights with them is amazing. How to compile everyone’s mind into something better.
I’ve personnaly had the best fun building things that evolved with time, on a daily basis. You know the agile methodology when you use it for real.
My favorite part was:
But the rest of the talk is also great. Around 32:00, he talks about how he prefers to merge bad code to let people engage with the community and become part of it then passing on them (and their dumb code). It’s definitely valuable to any kind of orgzniation trying to build communities around quality content. It’s always better to let people engage, even in a bad way, it makes other people engage as well and then you have to build the tools so that the outcome always is positive (you want a good community around/AND a good content in the end).
Our language helps us express our ideas and emotions. Computer science languages help us build things following our ideas.
There are hundreds of computer science languages currently available to help do pretty much any kind of work. They were all built because (at least) one person once thought “this language isn’t good enough”.
And yet, I can still find people telling me:
But you can do this in this language as well.
If your jenkins server is installed on the same host as the glassfish server it’s quite simple.
You just have to let maven do its thing and then add this shell command:
/usr/local/glassfish/bin/asadmin --echo=true --host=localhost --port=4848 --user=admin --passwordfile=/secure/place/for/passwords/domain1_password --secure=false deploy --force=true --name=myproject --contextroot=/myproject target/*.war
The /secure/place/for/passwords/domain1_password should contain this:
Deploying different versions
With parametrized build you can go a little further and decide, for instance, if you want to deploy the current version as the production one or not. You can switch the build as a parametrized one and add a “stable” parameter (with a default value of false) for example.
The the only thing you have to do is to switch the previous code to:
1 2 3 4 5
if $stable; then /usr/local/glassfish/bin/asadmin --echo=true --host=localhost --port=4848 --user=admin --passwordfile=/secure/place/for/passwords/domain1_password --secure=false deploy --force=true --name=myproject --contextroot=/myproject target/*.war else /usr/local/glassfish/bin/asadmin --echo=true --host=localhost --port=4848 --user=admin --passwordfile=/secure/place/for/passwords/domain1_password --secure=false deploy --force=true --name=myproject-test --contextroot=/myproject-test target/*.war fi
Using the jabber plugin
Then you can use the jabber plugin and you will have interesting conversations with your jenkins build system, like:
And when you feel you are ready to go live:
!build myproject stable=true
- It’s even simpler with other servers like tomcat or jetty.
- Glassfish is often considered as very heavy but as most of the OSGi based softwares, you can remove a lot of its parts and make it as light as tomcat.
Sometimes valgrind can report the right problem with the wrong stack trace:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
make && sudo valgrind --db-attach=yes --leak-check=full --track-origins=yes --show-reachable=yes ./dist/Debug/cbadaemon ==4423== Memcheck, a memory error detector ==4423== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al. ==4423== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info ==4423== Command: ./dist/Debug/cbadaemon ==4423== ==4423== Conditional jump or move depends on uninitialised value(s) ==4423== at 0x4922C47: __pthread_mutex_unlock_usercnt (pthread_mutex_unlock.c:38) ==4423== by 0x804E91A: ServerContext::ServerContext() (ServerContext.cpp:11) ==4423== by 0x804EB92: ServerCore::ServerCore(int, char**) (ServerCore.cpp:15) ==4423== by 0x804F627: main (main.cpp:57) ==4423== Uninitialised value was created by a heap allocation ==4423== at 0x48D273C: operator new(unsigned int) (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so) ==4423== by 0x804F60F: main (main.cpp:57) ==4423== ==4423== ==4423== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- y
1 2 3 4 5 6 7
(gdb) bt #0 0x04922c47 in __pthread_mutex_unlock_usercnt (mutex=0x75e80d8, decr=1) at pthread_mutex_unlock.c:38 #1 0x0805d15b in RequestManager::RequestManager (this=0x75e8030) at src/transac/RequestManager.cpp:27 #2 0x0804e91b in ServerContext::ServerContext (this=0x75e802c) at src/server/ServerContext.cpp:11 #3 0x0804eb93 in ServerCore::ServerCore (this=0x75e8028, argc=1, argv=0xfef79b94) at src/server/ServerCore.cpp:15 #4 0x0804f628 in main (argc=1, argv=0xfef79b94) at src/main.cpp:57 (gdb) q
And it’s not an optimization problem as it was compiled with:
-c -m32 -g -rdynamic -O0 -fPIC -Wall -Werror
Plex is great piece of software. It’s a “complete media solution”. I installed it on my laptop (free) without editing a single file, I tested it on my iPad (it’s a paid app) and it was just working instantly. Then I also tested it on my Nexus 7 (paid app on play store as well) and it’s also working perfectly.
Then I discovered it can also do streaming through it’s web based interface, so it can stream to anything it doesn’t yet support. We could stop here but no: It can be installed on Debian stable hosts as well (which I love because they are easy to maintain [no daily updates and still pretty updated]).
As described here, the installation instruction for plex on Debian/stable is:
1 2 3
echo "deb http://shell.ninthgate.se/packages/debian squeeze main" | sudo tee -a /etc/apt/sources.list.d/plexmediaserver.list wget http://shell.ninthgate.se/packages/shell-ninthgate-se-keyring.key -O - -q | sudo apt-key add - sudo apt-get update && sudo apt-get install plexmediaserver
President Obama thinks required programming language learning in high school is a great idea. So do I, and I think we should all start with python.
- Writing code with it is very fast. When software engineers tell you “I can do it in 10 minutes”, in C/C++ they mean 4h, in java they mean 2h and in python they mean it.
- You can really do anything, I’ve done some serial communication, bit level manipulation, network level event-based servers, multithreading, webservice providing and consuming, SQL and cassandra client faster than what I’ve been doing in any other language.
- It’s easy to learn. You can start your first program right now and be good at it in 2 weeks.
- It comes “batteries included”. You don’t have to install third-party libraries. Contrary to ruby, you don’t have to choose between the thousands of gems available, there’s almost always one official way to do things. Which leads to the next point:
- It’s simple to read someone else’s code. This is because it’s high level language and you quickly know all the librairies.
- It now has some IDEs. I know some people like to code in vi, but this is ugly and unproductive. Pydev is simple to install and supports a pretty good (or not so bad) auto-completion.
This leads me to two opposing ideas (but you’ll understand where I stand):
- On a software architecture level, I think java (or C#) is the right choice for any complex or performance requiring system. IDE can really do there magic and most of the problems (mistakes, API change, etc.) are found at compilation.
- But on a pragmatic/real-life level, I think python is especially relevant for companies (I’m really thinking about startups) who want to build and launch something quick, make it evolve easily and obviously don’t need performance. Your engineer brain might think “Yes, but it’s scripting, this sucks”. But who cares? In 3 years, your product will be probably obsolete, if not already dead and in noone’s hard-drive anyway.
If you feel python isn’t the right choice because you need to have a complex all-in-one-language architecture, you should have a look at message brokers. My favorite one is RabbitMQ. It works instantly (like any modern software should be), has client libraries in every language you can imagine and supports very interesting features like persistent queues, load balancing and replication. Load balancing means that if python happened to be a bottleneck in your system, you could just duplicate the instances and server two times more.
During the last years, I launched the javacint google group which now has grown out to be a good community of professionnals working around the Cinterion (java enabled) chips. I also created a TC65 development document. And all the questions and feedbacks you gave me on the development around these chips helped me a lot to improve (what was) my document and (what was) my FAQ.
You helped me so much indeed that I believe this content should know be open to everyone to modify. That’s why I created the javacint wiki.
I still provide development services around the Cinterion chips through my company but I try to focus more on creating products with few partners.
You might have noticed for xrdp on Debian (but quite possibly with a lot of other Linux tools and other Linux distributions) the user limits (described in /etc/security/limits.conf) are not enforced. Which meant in my case that any session open with xrdp was opened with a max number of open files (nofile) set to 1024.
To fix this, edit the file /etc/pam.d/common-session and add the following line:
session required pam_limits.so
This is a personal reminder post.
The easiest attack one can perform on a web server is opening all the connections and do nothing with it. iptables fortunately has a “connlimit” module to avoid this. If you’re using ufw like me you will want to keep your good integration with it.
In the /etc/ufw/before.rules file, after these lines:
1 2 3 4 5 6 7
# Don't delete these required lines, otherwise there will be errors *filter :ufw-before-input - [0:0] :ufw-before-output - [0:0] :ufw-before-forward - [0:0] :ufw-not-local - [0:0] # End required lines
You can add this to limit the number of concurrent connections:
# Limit to 10 concurrent connections on port 80 per IP -A ufw-before-input -p tcp --syn --dport 80 -m connlimit --connlimit-above 10 -j DROP
And this to limit the number of connections:
1 2 3
# Limit to 20 connections on port 80 per 2 seconds per IP -A ufw-before-input -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set -A ufw-before-input -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 2 --hitcount 20 -j DROP
This second rules might create some issues with http clients that don’t support keep-alive (is there any?).
If you want to do some benchmarks (with ApacheBench for example), you need to enable the keep-alive and set the max number of keep-alive requests per connection very high (or unlimited).
In apache config it is set with: