In July of 2018, StackExchange ended support for allowing people to login via OpenID. One tenth of one percent of their users were logging in using OpenID, and I was one of those last remaining people. In an era where every website allows people to create accounts and login using other websites (e.g. Facebook, Twitter, Google, Github, et. al.), OpenID was an attempt to create a standard to allow anyone to use any identity provider to login to web applications.
Unfortunately OpenID has slowly fallen out of use. Several major OpenID providers have gone offline over the years, leaving some users stranded without a login to services they use. Websites like Woot, Slashdot and Pypy, all which supported OpenID at some point, have slowly (and often silently) removed support. Other sites such as Freecode and Gitorious supported OpenID until they closed down. Although we are entering an era where more people in tech are pushing for distributed systems for content and social networking, the era of federated authentication via OpenID is most likely at a dead end.
On July 12th, 2016, I purchased a pair of Jaybird Freedom F5 earbuds for $180 from an eBay vendor. I really liked these headphones. They had clear audio, good sound reproduction and I used them to listen to music and podcasts on my morning and evening train commutes. They refused to power on recently, and I discovered that this was a common problem mentioned on various product forums. I contacted Jaybird, provided my serial number, and discovered my warranty had expired. There was no option for me to get them repaired, even though I was willing to pay. I was offered a coupon for a 30% discount on another Jaybird product which could potentially stop working in another two years.
Docker was first getting big while I was working for an open source shop in New Zealand. At work we’d joke about containers, mostly because of our misconceptions. “Aren’t they based on LXC containers, which are full of security holes?” a co-worker and I would ask. When CoreOS was released, initially we laughed but also realized people were taking containers seriously. Late one night at a bar, some German developers who ran a name registrar, talked about how amazing Docker was and how they were currently running it in production.
It wouldn’t be until I took a contract in Seattle that I was really exposed to Docker. I worked at a shop that ran a CoreOS instance, and eventually switched to a company wide DCOS/marathon based platform. I learned a lot about containers, embraced many of their advantages, as well as becoming incredibly frustrated with their limitations. Despite the issues, I started to prefer using containers, and even wrote a tool for managing the containers I use to host this website. In this post I intend to cover what I’ve learned about containers, their strengths, their limitations and some good ways to incorporate them into your infrastructure.
Recently I added e-mail support to Bee2, a tool I use to provision servers and services for personal projects. My existing e-mail server ran on an openSUSE 13.2 box which stopped receiving security updates in January of 2017. I’ve been building Ansible roles to provision a replacement running on OpenBSD, and I found an interesting bug with a proxy filtering service called SpamPD. The bug prevents SpamPD from starting correctly with the standard OpenBSD rc.d service scripts due to the weird ways the OpenBSD init process works.
I’ve spent the past two decades in tech, mostly as a developer or system administrator. In that time, I’ve worked in a variety of different markets, in six different cities, across three different countries. There are, of course, a number of similarities between companies, no matter where you go. But I also found a lot of oddities that were specific to certain regions and markets. People who only work in one market could get used to an IT mono-culture, and may not realize how things operate differently for their counterparts on the other side of the country, or the planet. In this post I will start with my experiences in Chattanooga, Tennessee and Cincinnati, Ohio. I’ll also talk about international markets and tech scenes from my experience in Melbourne, Australia and Wellington, New Zealand. Finally I’ll cover my return to the West Coast working in Seattle, Washington, and my current scene in Chicago, Illinois.
My first job out of University was in the IT department of a payment processing and debt collection company. My desk was juxtapose to a call center where, all day, I listened to people on welfare collect bad checks and credit card debt from other people on welfare. When several of our sales people left to start their own business, taking many of the company’s customers with them, the company began to have everyone in the office, from those in data entry to customer service, sign a non-compete agreement. It was the first non-compete agreement I refused to sign. Over the course of the next fifteen years, I would be asked to sign non-competes several more times, always prior to employment. I’ve always refused, and until recently, I’ve never been denied a position because of that refusal.
Since 2012, at the last three jobs I’ve held as a software engineer, I’ve always used Linux natively on my work desktop or laptop. At some companies this was a choice, and at one it was mandatory. Most development shops give engineers the option of either a Windows PC or a Mac upon hiring them. However, my most recent shop did not. I considered simply running Linux in a virtual machine, however VirtualBox proved to be so slow that it was unusable, and I had some EFI booting issues with a demo of VMWare Fusion.
I probably could have worked through those issues, but instead I decided to take the leap and attempt to dual boot into Linux natively. A considerably amount of work has been done in the open source community to get modern Apple hardware working under Linux, much of it documented under the mbp-2016-linux project on GitHub. I was able to leverage quite a bit of that work to get a mostly working development environment. Although some things are still broken, I’m confident I can work through those issues, and hope this post can help other engineers who want to use modern MacBook Pros as powerful Linux development machines.
In a previous post, I introduced Bee2, a Ruby application designed to provision servers and setup DNS records. Later I expanded it using Ansible roles to setup OpenVPN, Docker and firewalls. In the latest iteration, I’ve added a rich Docker library designed to provision applications, run jobs and backup/restore data volumes. I’ve also included some basic Dockerfiles for setting up HAProxy with LetsEncrypt and Nginx for static content. Building this system has given me a lot more flexibility than what I would have had with something like Docker Compose. It’s not anywhere near as scalable as something like Kubernetes or DC/OS with Marathon, but it works well for my personal setup with just my static websites and personal projects.