Welcome

Software Engineer

Master of Chaos

Wizard lvl 9

Human

AWS | Cross-Account IAM Role Assumption

In AWS, in order to access resources in other accounts without creating new users or handling passwords, you can use sts:AssumeRole. Let’s say that you have some resources in AccountA (AWS Managed Prometheus for example) that you want to access from AccountB. Account A: In AccountA, create a role account_a_role that has 2 types of policies: a Trust Relationship that defines which entities can assume this role: { "Version": "2012-10-17", "Statement": [ { "Sid": "AllowAssumeRoleFromAccountB", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::ACCOUNT_B_ID:role/account_b_role" }, "Action": "sts:AssumeRole" } ] } You can also set Conditions to filter which entities can AssumeRole and even configure AssumeRoleWithWebIdentity for users who have been authenticated with a web identity provider....

May 4, 2024 · 2 min · Memo Garcia

Lateral Thinking

For me, lateral thinking is: Solving problems using an indirect and creative approach. Using reasoning that is not immediately obvious and involving ideas that might not be obtainable by using traditional step-by-step logic. One “simple” approach to “think outside the box” is: Understanding WHAT you want to achieve. Understanding WHY you want to achieve it. Knowing the rules of the game (constraints like environment, budget, physical limitations, etc.) Reframing WHAT you want in a way that ignores these rules of the game....

May 3, 2024 · 2 min · Memo Garcia

Simplicity vs familiarity

I’ve been thinking a lot about how we interact with technology, and I’ve come to realize that being familiar with something doesn’t always mean it’s simple. In fact, it can sometimes make things more complicated. For example, when I’m working on code or documentation, I find myself getting too close to the issue. It’s easy to lose sight of the bigger picture and get caught up in the details. That’s why it’s important for us to take a step back, look at our work from a different perspective, and ask for feedback....

May 3, 2024 · 1 min · Memo Garcia

Optimizations

In order to make it faster, we need to understand why it is slow.

May 3, 2024 · 1 min · Memo Garcia

Microservices vs monoliths

Which architecture should I choose? I don’t think this is the right question to ask. A better question would be, given the current state of my service/product, which architecture will provide what I’m looking for? For example, performance, independent deployments, application boundaries, etc. For example, many people mention that we should start with a monolith and while I agree with some of the arguments (simplified development and deployment, consistent performance), it tends to ignore the fact that it might be better to prioritize freedom and experimentation at early stages rather than performance....

May 3, 2024 · 1 min · Memo Garcia

My issue with GitHub Actions

GitHub actions are a problem because they lock you by the balls and you cannot reproduce your pipelines. Getting to depend on all those small Actions saves 5 minutes today, only to make migrations immensely painful tomorrow. Build, package, and release software should be written as standalone scripts that in principle could even run in the developer’s machine. Moving them to CI is just changing the machine that will run the scripts....

May 3, 2024 · 1 min · Memo Garcia

Organizational Culture

A pattern of shared assumptions that groups have learned as they solve problems of external adaptation and internal integration, that has worked well enough in the past to be considered valid and therefore to be taught to new members as the correct way to PERCEIVE, THINK and FEEL – Edgar Schein Culture evolves over time, driven by both external influences and internal dynamics. It’s important to explore the factors driving these changes....

February 17, 2024 · 2 min · Memo Garcia

Domain Knowledge Transfer

Innovation often springs from the most unexpected sources. – Me The ability to transfer domain knowledge from one field to another can breed a lot of creativity and gives you new perspectives and the opportunity to think outside the box. But what is Domain Knowledge Transfer? Domain knowledge transfer is the process of applying knowledge, principles, and solutions from one field of study or industry to another. By looking beyond the confines of a single domain, we can find new solutions to complex problems and drive progress in unexpected and transformative ways....

February 17, 2024 · 2 min · Memo Garcia

Embracing Change

A made up mind is hard to change – Jeff Bezos or Confucius, I don’t know who, but the phrase got stuck with me Standing still is not an option. Progress, by its very nature, demands change. It beckons us to guess, to venture into the unknown, and to embrace risks with open arms. Why? Because without the courage to step beyond the familiar, innovation remains a distant dream....

February 17, 2024 · 2 min · Memo Garcia

Generations

Society seems to follow a cycle of moods that last around 20 years each. Each cycle is called “Turning” NOTE This is an unfalsifiable theory, so take it with a grain of salt. High The first turning is a high, which occurs after a crisis. During the high, institutions are strong and individualism is weak. Society is confident about where it wants to go collectively, though those outside the majoritarian center often feel stifled by conformity...

September 27, 2023 · 2 min · Memo Garcia

So, you want to be a DevOps Engineer?

First off, congratulations! A few words before moving on: There is no such thing as DevOps Engineer, DevOps is a philosophy, a way of working. Your DevOps role will depend on your organization structure and maturity. Some organizations use DevOps, SRE and Platform engineering interchangeably, don’t worry. Focus on the goal. You will work in a team, empathy is mandatory. A lot of people ask, do I really need to know ___ALL OF THAT___ to work as a DevOps Engineer?...

August 1, 2023 · 2 min · Memo Garcia

What is Kubernetes, really?

As in the ship of Theseus… If you replace each Kubernetes component… what is it that you get at the end? An API, an ecosystem and the sum of its parts. BTW, is Kubernetes overkill? Yes and no. I think it is a necessary evil to avoid selling your soul to a cloud provider.

August 1, 2023 · 1 min · Memo Garcia

Understanding Computer Networks by Analogy - Part 2 - Switches and Routers

Switches or “The floor concierge” Imagine that you want to send a package from room 69 to room 62. In a typical building you cannot go to your neighbor and give them the package, it’s rude, you need to do it through the floor concierge. The concierge or switch has a table of everyone’s door numbers:

| Floor | Room number | Door number |
|-------|-------------|-------------|
| 6 | 602 | 1 |
| 6 | 609 | 1 |

Remember that each room can have many doors....

March 5, 2023 · 3 min · Memo Garcia

Understanding Computer Networks by Analogy - Part 1 - Networks and subnets

Networks or “The buildings” Imagine a building with many rooms connected by hallways and staircases. This building is a lot like a computer network, where each room is a computer with its own room number called an IP address. Just like people move between rooms in a building. In this building, each room can communicate directly to any room. That communication is done using network protocols. Each network protocol is like a language, some rooms communicate with others in Japanese, some other in Spanish, and so on....

March 4, 2023 · 2 min · Memo Garcia

Is complexity a human construct?

Or is it a perspective? is it the result of the human ego? or is it just a communication problem? If you look at biology, evolution has found a way to design its systems in a way that each component has a defined interface to communicate, and more importantly, each component is free to “experiment” or evolve independently from each other by random mutations. When changes in one component require a new interface it propagates those “requirements” to the other components in a trial-and-error mechanism....

January 18, 2023 · 3 min · Memo Garcia

Multi stage docker build for python

Docker multi-stage build is a great way to build container images with a minimal footprint. Compiled languages like Go or Rust can take advantage of this by just shipping a binary to a container. This is an example from the official docs: FROM golang:1.16 WORKDIR /go/src/github.com/alexellis/href-counter/ RUN go get -d -v golang.org/x/net/html COPY app.go ./ RUN CGO_ENABLED=0 go build -a -installsuffix cgo -o app . FROM alpine:latest RUN apk --no-cache add ca-certificates WORKDIR /root/ COPY --from=0 /go/src/github....

January 1, 2023 · 2 min · Memo Garcia

Big O notation

Big O Notation (or the Big O) is used to describe how long and complex an operation will be based on its input. Complexity could mean that an operation takes N amount of time, or N amount of memory, N CPU resources, etc. There are some notations to describe this: O(n) -> The complexity grows linearly based on the size of the input. O(n^2) -> Grows at a square ratio of its input....

December 28, 2022 · 2 min · Memo Garcia

Istio Ambient Mesh

Ambient mesh is a new data plane mode for Istio that doesn’t rely on sidecars. It gives users the option to forgo sidecar proxies in favor of a mesh data plane that’s integrated into your infrastructure. Ambient mesh benefits are: Minimal configuration for traffic encryption. Same configuration for L7 policies as “normal service mesh”. Takes fewer resources because no sidecars are needed. Easier upgrades because pods don’t need to restart in order to upgrade the service mesh....

November 24, 2022 · 3 min · Memo Garcia

Is OpenStack fighting a lost battle?

Update Jan 2023: Is OpenStack Still Needed in 2022? - Thierry Carrez, Open Infrastructure Foundation And why Kubernetes “won”. I owe my career to OpenStack and to all its contributors. I have made excellent friends, I learned a lot from them and the project itself. For that and more, thanks a lot OpenStack. However… Even though OpenStack has never been better, I can’t shake the feeling that it is fighting a lost battle....

October 20, 2022 · 3 min · Memo Garcia

TOOL - Lateralus

TOOL Website TOOL - Lateralus Black Then White are All I see In my infancy Red and yellow then came to be Reaching out to me Lets me see As below so above and beyond I imagine Drawn beyond the lines of reason Push the envelope Watch it bend Over thinking, over analyzing, separates the body from the mind Withering my intuition, missing opportunities and I must Feed my will to feel my moment Drawing way outside the lines Black Then White are All I see In my infancy Red and yellow then came to be Reaching out to me Lets me see There is So Much More and Beckons me To look through to these Infinite possibilities As below so above and beyond I imagine Drawn outside the lines of reason Push the envelope Watch it bend Over thinking, over analyzing, separates the body from the mind Withering my intuition, leaving opportunities behind Feed my will to feel this moment Urging me to cross the line Reaching out to embrace the random Reaching out to embrace whatever may come I embrace my desire to I embrace my desire to Feel the rhythm To feel connected Enough to step aside and Weep like a widow To feel inspired To fathom the power To witness the beauty To bathe in the fountain To swing on the spiral To swing on the spiral To swing on the spiral Of our divinity and Still be a human With my feet upon the ground I lose myself between the sounds And open wide to suck it in I feel it move across my skin I'm reaching up and reaching out I'm reaching for the random or Whatever will bewilder me Whatever will bewilder me And following our will and wind We may just go where no one's been We'll ride the spiral to the end And may just go where no one's been Spiral out, keep going Spiral out, keep going Spiral out, keep going Spiral out, keep going

October 17, 2022 · 2 min · Memo Garcia

The role of a systems architect

Define the scope of your system Start by asking these broad questions: Why is your system required? This will help you find the reason why this system or organization exists What is the goal of your system? These two questions will help you understand your organization’s requirements, use them as a starting place, then clarify as much as you can those answers so you can start building a clear picture of what components might be needed and more importantly, which ones won’t....

October 14, 2022 · 2 min · Memo Garcia

My favorite horror movies

In no particular order: The wailing | Gokseong Noroi | The Curse The Medium Late Night with the Devil The Dark and the Wicked When Evil Lurks | Cuando Acecha La Maldad Perfect Blue | Pâfekuto burû Satan’s Slaves | Pengabdi Setan Satan’s Slaves: Communion | Pengabdi Setan 2: Communion Kairo | Pulse Aterrados Incantation | Zhou Gonjiam: Haunted Asylum | Gon-ji-am A Tale Of Two Sisters | Janghwa, Hongryeon...

October 13, 2022 · 1 min · Memo Garcia

Learning resources I use

Tools for better thinking The Catalog of Design Patterns Learn X in Y minutes XMind Amazon EKS Blueprints for Terraform AWS Architecture Blog Cloud Design Patterns AWS in plain English AWS Solutions AWS Well-Architected Distributed Load Testing on AWS Istio by example High scalability Kubernetes Failure Stories AWS Prescriptive Guidance Patterns

October 12, 2022 · 1 min · Memo Garcia

Installing GitLab in air-gapped mode

When installing GitLab in air-gapped mode using helm charts, first you need to pull the required images for the target version to your private container registry. But it is not straightforward to find which container tags map to which GitLab version. An easy way to find which tags you need is to print the helm templates first and get the values from there. helm \ -n gitlab \ template \ gitlab gitlab/gitlab \ --version 6....

October 3, 2022 · 1 min · Memo Garcia

Why am I always busy?

I’m trying to learn everything at once. I’m trying to do everything at once. … Except what I should be doing right now.

August 30, 2022 · 1 min · Memo Garcia

Demystifying Kubernetes

Kubernetes is becoming a monster and as it grows it becomes more and more challenging for newcomers to understand it. My goal is to demystify its components. Main components There are two main components in a Kubernetes cluster. Master nodes Worker nodes The only difference is the workloads they run. You can assign metadata to these nodes to schedule specific workloads on each node or type of node. For Users Containers A container is a filesystem and process wrapped in a “box” with some labels on it....

June 30, 2022 · 3 min · Memo Garcia

A lesson from my dog

Looming recession !! , third world war !!, climate change !! Meanwhile taquito…

June 28, 2022 · 1 min · Memo Garcia

TODOs

At its core, TODOS are a real cognitive and spiritual burden of having to carry lots of unfulfilled promises into the future.

May 5, 2022 · 1 min · Memo Garcia

How to use GitOps in a non-cloud-native environment

The rapid development and adoption of cloud-native stacks that brings a better developer experience, security, reproducibility and speed at which organizations deliver value are leaving more traditional stacks behind. Hence, there is more pressure from the markets, organizations and developers to bring those stacks into a more modern era. We often wonder whether the same techniques and toolchains of these modern stacks can be used to configure not-so-modern applications or infrastructures....

March 4, 2022 · 4 min · Memo Garcia

Setup multiple git identities and pgp keys

Be very careful in your setup: any misconfiguration makes all the git config fail silently! Setup multiple git ssh identities for git Generate your SSH keys as per your git provider documentation. Add each public SSH key to your git provider accounts. In your ~/.ssh/config, set each ssh key for each repository as in this example: Host github.com HostName github.com User git IdentityFile ~/.ssh/github_private_key IdentitiesOnly=yes Host gitlab.com Hostname gitlab....

March 4, 2022 · 2 min · Memo Garcia

i3 running on WSL2

WSL configuration Install i3 sudo apt install i3 -y Create an init script vim ~/src/scripts/i3launch.sh #!/bin/zsh source ~/.zshrc # If not running interactively, don't do anything [ -z "$PS1" ] && return export DISPLAY=$(awk '/nameserver / {print $2; exit}' /etc/resolv.conf 2>/dev/null):0 export LIBGL_ALWAYS_INDIRECT=1 dbus_status=$(service dbus status) if [[ $dbus_status = *"is not running"* ]]; then sudo service dbus --full-restart fi i3 To run WSL2 as root wsl.exe -d Ubuntu-20.04 -u root -- /bin/bash Windows configuration Install vcxsrv from powershell...

September 23, 2020 · 2 min · Memo Garcia

Modular CLI Documentation Fuzzy Finder

Fuzzy Search documentation from the CLI. See it in action here https://terminalizer.com/view/2c3935cf1418 Disclaimer This tool was built to learn FZF capabilities. Feel free to use it or extend it. Usage doc-fzf ansible doc-fzf ansible -q yum Installation pip3 install doc-fzf Verify your installation: doc-fzf -h usage: doc-fzf.py [-h] [-q QUERY] module_name doc-fzf. positional arguments: module_name Name of the module to search optional arguments: -h, --help show this help message and exit -q QUERY Query the docs Extending Doc-FZF doc-fzf is a modular application....

June 14, 2019 · 1 min · Memo Garcia

Generating a dynamic host inventory for ansible with Netbox

Usage: pip install pynetbox ansible ansible all -i hosts/env -m setup --tree /tmp/facts/env #!/opt/netbox/bin/python import argparse import json import os import sys import pynetbox import yaml import urllib3 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) if sys.version_info < (3, 6): print("Python 3.6 is required") sys.exit(2) def to_json(in_dict): return json.dumps(in_dict, sort_keys=True, indent=4) def load_configuration(path="/etc/ansible/netbox.yml"): """ Load netbox configuration /etc/ansible/netbox.yml """ try: with open(path, "r") as fd: return yaml.safe_load(fd) except yaml.YAMLError as yml_error: print(yml_error) NETBOX_ENDPOINT = load_configuration()["netbox_endpoint"] NETBOX_TOKEN = load_configuration()["netbox_token"] if not NETBOX_ENDPOINT: raise OSError("environment var NETBOX_ENDPOINT not set") if not NETBOX_TOKEN: raise OSError("environment var NETBOX_TOKEN not set") nb = pynetbox....

January 10, 2019 · 3 min · Memo Garcia

Some Richard Feynman videos

The World from another point of view Fun to imagine Knowing versus Understanding

January 4, 2019 · 1 min · Memo Garcia

Waju - A fun and brutal game

Waju or whatever it is called is a game that until this day I don’t know from where it comes. But it is fun. Edit: The game is based on a German game called Mensch ärgere Dich nicht Goal The goal of the game is very simple: Move your marbles for one lap from your home to your goal. Don’t worry about winning but don’t let anyone else win. Have fun. Board The board has six main components:...

January 4, 2019 · 4 min · Memo Garcia

Beyond PEP 8 - Best practices for beautiful intelligible code

January 3, 2019 · 0 min · Memo Garcia

Linux on Huawei Matebook X Pro

This laptop has very decent specs: 8th Generation Intel® Core™ i7-8550U processor GPU: NVIDIA® GeForce® MX150 with 2 GB GDDR5 / Intel® UHD Graphics 620 16 GB LPDDR3 2133 MHz BT 4.1 (compatible with 3.0 and 2.1+EDR) 512 GB NVMe PCIe SSD Don’t expect running workstation level workloads in this machine but it is a wonderful dev machine. Things I don’t like about the laptop Palm rejection on Linux Sound, it only outputs sound to two speakers on Linux and it has a weird noise under high volumes....

December 4, 2018 · 3 min · Memo Garcia

Deploying OpenStack with Docker

Note This is a Work-In-Progress Document and the most up-to-date information is available at: github.com/memogarcia/openstack-deployer Deploying OpenStack using containers allows easy customisation and flexibility on how to deploy the platform for development, testing and production environments. Current deployment: stable/queens Host configuration The default configuration for this environment is composed of 3 main components that need to run on the host: Docker Libvirtd OpenVSwitch Docker will act as the control plane for OpenStack while the host will provide the hypervisor, network and storage....

May 5, 2018 · 2 min · Memo Garcia

Becoming a Certificate Authority (CA)

A Certificate Authority or CA is an entity that signs digital certificates. These digital certificates are used to validate the connection while using secure mechanisms. Generating a root CA We will use a root CA to create intermediate CA’s which are trusted to sign certificates on its behalf. First, prepare the environment. mkdir /root/ca && cd /root/ca mkdir certs crl newcerts private chmod 700 private touch index.txt echo 1000 > serial Then download the template for /root/ca/openssl....

February 5, 2018 · 3 min · Memo Garcia

Pratai, event driven platform for OpenStack

Note This is a Work-In-Progress Document. Read the docs at memogarcia/pratai-docs Abstract Pratai provides an incredibly flexible and resilient platform to migrate workloads to the cloud that respond to events without having to manage any server or network. How it works The goal of Pratai is simple. Deploy “code” (disclaimer, from now on I will refer to code as functions), that will react to an event without worrying about anything else, the platform handles the execution....

January 5, 2018 · 6 min · Memo Garcia