いらしゃいませい

Software Engineer

Master of Chaos

Wizard lvl 9

Human

Understanding Computer Networks by Analogy

I’m writing this for the version of me back in university who struggled to grasp networking concepts. This isn’t a full map of the networking world, but it’s a starting point. If you’re also finding it tricky to understand some of the ideas that make the internet works, I hope this helps. I’m sticking with analogies here instead of going deep into technical terms—you can find those easily anywhere. I just enjoy looking at the world from different perspectives. It’s fascinating how many connections you can spot when you approach things from a new angle. ...

December 20, 2024 · 19 min · Memo Garcia

AWS | Cross-Account IAM Role Assumption

In AWS, in order to access resources in other accounts without creating new users or handling passwords, you can use sts:AssumeRole. Let’s say that you have some resources in AccountA (AWS Managed Prometheus for example) that you want to access from AccountB Account A In AccountA create a role account_a_role that has 2 types of policies: a Trust Relationship that define which entities can assume this role { "Version": "2012-10-17", "Statement": [ { "Sid": "AllowAssumeRoleFromAccountB", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::ACCOUNT_B_ID:role/account_b_role" }, "Action": "sts:AssumeRole" } ] } You can also set Conditions to filter which entities can AssumeRole and even configure AssumeRoleWithWebIdentity for users who have been authenticated with a web identity provider. ...

May 4, 2024 · 2 min · Memo Garcia

Lateral Thinking

For me, lateral thinking is: Solving problems using an indirect and creative approach. Using reasoning that is not immediately obvious and involving ideas that might not be obtainable by using traditional step-by-step logic. One “simple” approach to “think outside the box” is: Understanding WHAT you want to achieve. Understanding WHY you want to achieve it. Knowing the rules of the game (constraints like environment, budget, physical limitations, etc.) Reframing WHAT you want in a way that ignores these rules of the game. Assessing if the solution still aligns with your initial WHY. Focusing on point 4, Frame the WHAT in a way that ignores the current rules of the game. In order to do this you require lots of reading and imagination. It is also helpful to read about other domains. ...

May 3, 2024 · 2 min · Memo Garcia

Simplicity vs familiarity

I’ve been thinking a lot about how we interact with technology, and I’ve come to realize that being familiar with something doesn’t always mean it’s simple. In fact, it can sometimes make things more complicated. For example, when I’m working on code or documentation, I find myself getting too close to the issue. It’s easy to lose sight of the bigger picture and get caught up in the details. That’s why it’s important for us to take a step back, look at our work from a different perspective, and ask for feedback. ...

May 3, 2024 · 1 min · Memo Garcia

Optimizations

In order to make it faster, we need to understand why it is slow.

May 3, 2024 · 1 min · Memo Garcia

Microservices vs monoliths

Which architecture should I choose? I don’t think this is the right question to ask. A better question would be, given the current state of my service/product, which architecture will provide what I’m looking for? For example, performance, independent deployments, application boundaries, etc. For example, many people mention that we should start with a monolith and while I agree with some of the arguments (simplified development and deployment, consistent performance), it tends to ignore the fact that it might be better to prioritize freedom and experimentation at early stages rather than performance. ...

May 3, 2024 · 1 min · Memo Garcia

My issue with Github Actions

GitHub actions are a problem because they lock you by the balls and you cannot reproduce your pipelines. Getting to depend on all those small Actions saves 5 minutes today, only to make migrations immensely painful tomorrow. Build, package, and release software should be written as standalone scripts that in principle could even run in the developer’s machine. Moving them to CI is just changing the machine that will run the scripts. ...

May 3, 2024 · 1 min · Memo Garcia

Organizational Culture

A pattern of shared assumptions that groups have learned as they solve problems of external adaptation and internal integration, that has worked well enough in the past to be considered valid and therefore to be taught to new members as the correct way to PERCEIVE, THINK and FEEL – Edgar Schein Culture evolves over time, driven by both external influences and internal dynamics. It’s important to explore the factors driving these changes. Understanding the why and the triggers that made culture evolve can tell a great deal about the people experiencing that culture. ...

February 17, 2024 · 2 min · Memo Garcia

Domain Knowledge Transfer

Innovation often springs from the most unexpected sources. – Me The ability to transfer domain knowledge from one field to another can breed a lot of creativity and gives you new perspectives and the opportunity to think outside the box. But what is Domain Knowledge Transfer? Domain knowledge transfer is the process of applying knowledge, principles, and solutions from one field of study or industry to another. By looking beyond the confines of a single domain, we can find new solutions to complex problems and drive progress in unexpected and transformative ways. ...

February 17, 2024 · 2 min · Memo Garcia

Embracing Change

A made up mind is hard to change – Jeff Bezos or Confucius, I don’t know who, but the phrase got stuck with me Standing still is not an option. Progress, by its very nature, demands change. It beckons us to guess, to venture into the unknown, and to embrace risks with open arms. Why? Because without the courage to step beyond the familiar, innovation remains a distant dream. The Power of Adaptability The first step towards progress is acknowledging that change is inevitable. In my work for example, what worked yesterday may not do so tomorrow. Adaptability means staying informed about industry trends, experimenting with new tools, and being ready to pivot when necessary. The willingness to change ensures we remain at the forefront of innovation. ...

February 17, 2024 · 2 min · Memo Garcia

Generations

Society seems to follow a cycle of moods that last around 20 years each. Each cycle is called “Turning” NOTE This is an unfalsifiable theory, so take it with a grain of salt. High The first turning is a high, which occurs after a crisis. During the high, institutions are strong and individualism is weak. Society is confident about where it wants to go collectively, though those outside the majoritarian center often feel stifled by conformity ...

September 27, 2023 · 2 min · Memo Garcia

So, you want to be a DevOps Engineer?

First of, congratulations! Few words before moving on: There is no such thing as DevOps Engineer, DevOps is a philosophy, a way of working. Your DevOps role will depend on your organization structure and maturity. Some organizations use DevOps, SRE and Platform engineering interchangeably, don’t worry. Focus on the goal. You will work in a team, empathy is mandatory. A lot of people ask, do I really need to know ___ALL OF THAT___ to work as a DevOps Engineer? Short answer is: no, most probably someone in your team or organization already knows how to do stuff, leverage them!! ask questions!! ...

August 1, 2023 · 2 min · Memo Garcia

What is Kubernetes, really?

As in the ship of Theseus… If you replace each Kubernetes component… what is it that you get at the end? An API, an ecosystem and the sum of its parts. BTW, is kubernetes an overkill? Yes and No I think is a necessary evil to avoid selling your soul to a cloud provider.

August 1, 2023 · 1 min · Memo Garcia

Is complexity a human construct?

Or is it a perspective? is it the result of the human ego? or is it just a communication problem? If you look at biology, evolution has found a way to design its systems in a way that each component has a defined interface to communicate, and more importantly, each component is free to “experiment” or evolve independently from each other by random mutations. When changes in one component require a new interface it propagates those “requirements” to the other components in a trial-and-error mechanism. Thus, allowing a more dynamic evolution. ...

January 18, 2023 · 3 min · Memo Garcia

Multi stage docker build for python

Docker multi-stage build is a great way to build a container images with a minimal footprint. Compiled languages like Go or Rust can take advantage of this by just shipping a binary to a container This is an example from the official docs: FROM golang:1.16 WORKDIR /go/src/github.com/alexellis/href-counter/ RUN go get -d -v golang.org/x/net/html COPY app.go ./ RUN CGO_ENABLED=0 go build -a -installsuffix cgo -o app . FROM alpine:latest RUN apk --no-cache add ca-certificates WORKDIR /root/ COPY --from=0 /go/src/github.com/alexellis/href-counter/app ./ CMD ["./app"] When it comes to python, most of the benefits seems to get lost because you still need a python interpreter and also is quite cumbersome to generate a binary from python code that can be shipped as-is. ...

January 1, 2023 · 2 min · Memo Garcia

Big O notation

Big O Notation (or the Big O) is used to describe how long and complex an operation will be based on its input. Complexity could mean that an operation takes N amount of time, or N amount of memory, N CPU resources, etc. There are some notations to describe this: O(n) -> The complexity grows linearly based on the size of the input. O(n^2) -> Grows at a square ratio of its input. O(n^3) -> Grows at a cube ratio of its input. O(n^x) -> And so on. Note that the previous notations showcase that complexity always grows, at minimum as O(n). But what if the complexity grows slower than linearly? ...

December 28, 2022 · 2 min · Memo Garcia

Istio Ambient Mesh

Ambient mesh is a new data plane mode for Istio that doesn’t rely on sidecars. It gives users the option to forgo sidecar proxies in favor of a mesh data plane that’s integrated into your infrastructure. Ambient mesh benefits are: Minimal configuration for traffic encryption. Same configuration for L7 policies as ”normal service mesh”. Take less resources because no sidecars are needed. Easier upgrades because pods don’t need to restart in order to upgrade the service mesh. Sidecars might break workloads (I’m looking at you GitLab…) It also gives the flexibility to opt-in on features of the service mesh according to your needs. ...

November 24, 2022 · 3 min · Memo Garcia

Is OpenStack fighting a lost battle?

Update Jan 2023: Is OpenStack Still Needed in 2022? - Thierry Carrez, Open Infrastructure Foundation And why Kubernetes “won”. I owe my career to OpenStack and to all its contributors. I have made excellent friends, I learned a lot from them and the project itself. For that and more, thanks a lot OpenStack. However… Even though OpenStack has never been better, I can’t shake the feeling that is fighting a lost battle. ...

October 20, 2022 · 3 min · Memo Garcia

TOOL - Lateralus

TOOL Website TOOL - Lateralus Black Then White are All I see In my infancy Red and yellow then came to be Reaching out to me Lets me see As below so above and beyond I imagine Drawn beyond the lines of reason Push the envelope Watch it bend Over thinking, over analyzing, separates the body from the mind Withering my intuition, missing opportunities and I must Feed my will to feel my moment Drawing way outside the lines Black Then White are All I see In my infancy Red and yellow then came to be Reaching out to me Lets me see There is So Much More and Beckons me To look through to these Infinite possibilities As below so above and beyond I imagine Drawn outside the lines of reason Push the envelope Watch it bend Over thinking, over analyzing, separates the body from the mind Withering my intuition, leaving opportunities behind Feed my will to feel this moment Urging me to cross the line Reaching out to embrace the random Reaching out to embrace whatever may come I embrace my desire to I embrace my desire to Feel the rhythm To feel connected Enough to step aside and Weep like a widow To feel inspired To fathom the power To witness the beauty To bathe in the fountain To swing on the spiral To swing on the spiral To swing on the spiral Of our divinity and Still be a human With my feet upon the ground I lose myself between the sounds And open wide to suck it in I feel it move across my skin I'm reaching up and reaching out I'm reaching for the random or Whatever will bewilder me Whatever will bewilder me And following our will and wind We may just go where no one's been We'll ride the spiral to the end And may just go where no one's been Spiral out, keep going Spiral out, keep going Spiral out, keep going Spiral out, keep going

October 17, 2022 · 2 min · Memo Garcia

The role of a systems architect

Define the scope of your system Start by asking this broad questions: Why is your system required? This will help you find the reason why this system or organization exists What is the goal of your system? These two questions will help you understand your organization’s requirements, use them as a starting place, then clarify as much as you can those answers so you can start building a clear picture of what components might be needed and more importantly, which ones won’t. ...

October 14, 2022 · 2 min · Memo Garcia

My favorite horror movies

In no particular order: The wailing | Gokseong Noroi | The Curse The Medium Late Night with the Devil The Dark and the Wicked When Evil Lurks | Cuando Acecha La Maldad Perfect Blue | Pâfekuto burû Satan’s Slaves | Pengabdi Setan Satan’s Slaves: Communion | Pengabdi Setan 2: Communion Kairo | Pulse Aterrados Incantation | Zhou Gonjiam: Haunted Asylum | Gon-ji-am A Tale Of Two Sisters | Janghwa, Hongryeon ...

October 13, 2022 · 1 min · Memo Garcia

Learning resources I use

Tools for better thinking The Catalog of Design Patterns Learn X in Y minutes XMind Amazon EKS Blueprints for Terraform AWS Architecture Blog Cloud Design Patterns AWS in plain English AWS Solutions AWS Well-Architected Distributed Load Testing on AWS Istio by example High scalability Kubernetes Failure Stories AWS Prescriptive Guidance Patterns

October 12, 2022 · 1 min · Memo Garcia

Installing GitLab in air-gapped mode

When installing GitLab in air-gapped mode using helm charts first you need to pull the required images for the target version to your private container registry. But is not straightforward to find which container tags map to which GitLab version. An easy way to find which tags you need is to print the helm templates first and get the values from there. helm \ -n gitlab \ template \ gitlab gitlab/gitlab \ --version 6.4.1 \ -f values.yml \ > gitlab-6.4.1.yml cat gitlab-6.4.1.yml | grep image:

October 3, 2022 · 1 min · Memo Garcia

Why am I always busy?

I’m trying to learn everything at once. I’m trying to do everything at once. … Except what I should be doing right now. 一度にすべてを学ぼうとしています。 一度にすべてをやろうとしています。 … 今すぐやるべきことを除いて。

August 30, 2022 · 1 min · Memo Garcia

Demystifying Kubernetes

Kubernetes is becoming a monster and as it grows it becomes more and more challenging for newcomers to understand it. My goal is to demystify its components. Main components There are two main components in a Kubernetes cluster. Master nodes Worker nodes The only difference is the workloads they run. You can assign metadata to these nodes to schedule specific workloads on each node or type of node. For Users Containers A container is a filesystem and process wrapped in a “box” with some labels on it. Volumes A volume is a filesystem that lives outside the container. Pods Organize containers (one or more) and a volume(s) as a single unit This is the basic unit on which Kubernetes works. A pod has an IP (or more depending on your CNI) ConfigMaps Are just files that are mounted in pods (specifically, they are mounted in a container) Secrets Are just files that are mounted in the pods but the data is encoded. (specifically, they are mounted in a container). Note This is insecure, take a look at different approaches if security is important ...

June 30, 2022 · 3 min · Memo Garcia

A lesson from my dog

Looming recession !! , third world war !!, climate change !! Meanwhile taquito…

June 28, 2022 · 1 min · Memo Garcia

TODOs

At its core, TODOS are a real cognitive and spiritual burden of having to carry lots of unfulfilled promises into the future. その本質において、TODOリストは、未来に持ち込む未完の約束の重たい認知的および精神的な負担である。

May 5, 2022 · 1 min · Memo Garcia

How to use GitOps in a non-cloud-native environment

The rapid development and adoption of cloud-native stacks that brings a better developer experience, security, reproducibility and speed at which organizations deliver value are leaving more traditional stacks behind. Hence, there is more pressure from the markets, organizations and developers to bring those stacks into a more modern era. We often wonder whether the same techniques and toolchains of these modern stacks can be used to configure not-so-modern applications or infrastructures. ...

March 4, 2022 · 4 min · Memo Garcia

Setup multiple git identities and pgp keys

Be very carrefull in your setup : any misconfiguration make all the git config to fail silently ! Setup multiple git ssh identities for git Generate your SSH keys as per your git provider documentation. Add each public SSH keys to your git providers acounts. In your ~/.ssh/config, set each ssh key for each repository as in this exemple: Host github.com HostName github.com User git IdentityFile ~/.ssh/github_private_key IdentitiesOnly=yes Host gitlab.com Hostname gitlab.com User git IdentityFile ~/.ssh/gitlab_private_key IdentitiesOnly=yes Setup dynamic git user email & name depending on folder Require git 2.13+ for conditional include support. ...

March 4, 2022 · 2 min · Memo Garcia

i3 running on WSL2

WSL configuration Install i3 sudo apt install i3 -y Create an init script vim ~/src/scripts/i3launch.sh #!/bin/zsh source ~/.zshrc # If not running interactively, don't do anything [ -z "$PS1" ] && return export DISPLAY=$(awk '/nameserver / {print $2; exit}' /etc/resolv.conf 2>/dev/null):0 export LIBGL_ALWAYS_INDIRECT=1 dbus_status=$(service dbus status) if [[ $dbus_status = *"is not running"* ]]; then sudo service dbus --full-restart fi i3 To run WSL2 as root wsl.exe -d Ubuntu-20.04 -u root -- /bin/bash Windows configuration Install vcxsrv from powershell ...

September 23, 2020 · 2 min · Memo Garcia

Modular CLI Documentation Fuzzy Finder

Fuzzy Search documentation from the CLI. See it in action here https://terminalizer.com/view/2c3935cf1418 Disclaimer This tool was built to learn FZF capabilities. Feel free to use it or extend it. Usage doc-fzf ansible doc-fzf ansible -q yum Installation pip3 install doc-fzf Verify your installation: doc-fzf -h usage: doc-fzf.py [-h] [-q QUERY] module_name doc-fzf. positional arguments: module_name Name of the module to search optional arguments: -h, --help show this help message and exit -q QUERY Query the docs Extending Doc-FZF doc-fzf is a modular application. It can load modules at runtime that scrap websites in any way you like. ...

June 14, 2019 · 1 min · Memo Garcia

Generating a dynamic host inventory for ansible with Netbox

Usage: pip install pynetbox ansible ansible all -i hosts/env -m setup --tree /tmp/facts/env #!/opt/netbox/bin/python import argparse import json import os import sys import pynetbox import yaml import urllib3 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) if sys.version_info < (3, 6): print("Python 3.6 is required") sys.exit(2) def to_json(in_dict): return json.dumps(in_dict, sort_keys=True, indent=4) def load_configuration(path="/etc/ansible/netbox.yml"): """ Load netbox configuration /etc/ansible/netbox.yml """ try: with open(path, "r") as fd: return yaml.safe_load(fd) except yaml.YAMLError as yml_error: print(yml_error) NETBOX_ENDPOINT = load_configuration()["netbox_endpoint"] NETBOX_TOKEN = load_configuration()["netbox_token"] if not NETBOX_ENDPOINT: raise OSError("environmet var NETBOX_ENDPOINT not set") if not NETBOX_TOKEN: raise OSError("environmet var NETBOX_TOKEN not set") nb = pynetbox.api(NETBOX_ENDPOINT, NETBOX_TOKEN, ssl_verify=False) def parse_args(): parser = argparse.ArgumentParser() parser.add_argument('--list', action='store_true') parser.add_argument('--host', action='store') parser.add_argument('--introspection', action='store_true') return parser.parse_args() def get_site(site_name): site = nb.dcim.sites.get(name=site_name) return site def get_vms(site_name): platform = nb.dcim.platforms.get(name=site_name) vms = nb.virtualization.virtual_machines.filter(platform_id=platform.id) return vms def get_devices(site_name): platform = nb.dcim.platforms.get(name=site_name) devices = nb.dcim.devices.filter(platform_id=platform.id) return devices def get_roles(): roles = nb.dcim.device_roles.all() return roles def get_role(server): try: try: return server.role except: return server.device_role except Exception as error: return "ungrouped" def which_tenant(server): try: if server.tenant: return str(server.tenant) else: # print("No tenant") return None except Exception as error: print(error) def which_gmn(server): try: if "management" in server.tags: return "management" else: return "no_management" except Exception as error: print(error) def get_tenants(): tenants = nb.tenancy.tenants.all() return tenants def get_device_role(site, role_name): platform = nb.dcim.platforms.get(name=site) role = nb.dcim.device_roles.get(platform_id=platform.id, name=role_name) if not role: print("Role not found") sys.exit(2) return role.id def get_vip(site, servers): vms = get_vms(site) proxy_vms = [] for vm in vms: if str(vm.role).lower() == "proxy-servers": proxy_vms.append(vm) for vm in proxy_vms: ips = nb.ipam.ip_addresses.filter(virtual_machine_id=vm.id) for ip in ips: if str(ip.role) == "VIP": return ip.address else: return "" def get_tenant_role_map(path="/etc/ansible/role-tenant-map.json"): """ """ try: with open(path, "r") as fd: return json.load(fd) except Exception as error: print(error) def generate_inventory(site, servers): """ Generate ansible groups based on roles and tenants """ role_tenant_map = get_tenant_role_map() roles = get_roles() tenants = get_tenants() # base json|yaml structure inventory = { "all": {"hosts": []}, "management": {"children": {}}, "no_management": {"children": {}, "vars": {}}, "ungrouped": {"children": {}}, "_meta": {"hostvars": {}} } proxy_vip = get_vip(site, servers).split("/")[0] if proxy_vip: inventory["no_gmn"]["vars"] = { "ansible_ssh_common_args": f"'-o ProxyJump={proxy_vip} -o StrictHostKeyChecking=no'" } for tenant in tenants: inventory[tenant.name] = {"children": {}} for role in role_tenant_map[tenant.name]: inventory[tenant.name]["children"][role] = {} for role in roles: inventory[role.name] = {"hosts": []} if role.name == "proxy-servers": inventory["management"]["children"][role.name] = {} else: inventory["no_management"]["children"][role.name] = {} for server in servers: ip = str(server.primary_ip).split("/")[0] role = str(get_role(server)) inventory["all"]["hosts"].append(server.name) inventory["_meta"]["hostvars"][server.name] = { "ansible_host": f"{ip}" } if role != "None": inventory[role]["hosts"].append(server.name) return to_json(inventory) def get_introspection_data(site_name): """ site_name: str: SITE1, SITE2, etc. return list(dicts) [ { "mac": "pxe mac", "arch": "x86_64", "pm_type": "pxe_ilo", "pm_user": "static per site", "pm_password": "static per site", "pm_address": "IPMI address" "name": "position name" }, ] steps: query devices api on a given site (platform) for computes and controllers get pm_user and pm_password from somewhere get IPMI address """ openstack_nodes = [] platform = nb.dcim.platforms.get(name=site_name) devices = nb.dcim.devices.filter(platform_id=platform.id) for device in devices: if device.custom_fields["openstack_device"]: d = { "name": device.name, "mac": [device.custom_fields["openstack_pxeboot_mac"]], "pm_type": "pxe_ilo", "arch": "x86_64", "pm_user": os.environ.get("OS_INTROSPECTION_USER", None), "pm_password": os.environ.get("OS_INTROSPECTION_PASSWORD", None) } interfaces = nb.dcim.interfaces.filter(device_id=device.id) for i in interfaces: if i.name == "ILO": ilo_ip = nb.ipam.ip_addresses.filter(interface_id=i.id)[0] d["pm_address"] = ilo_ip.address.split("/")[0] openstack_nodes.append(d) return to_json(openstack_nodes) if __name__ == "__main__": args = parse_args() # Are "-" deprecated in group names? site_name = os.environ.get("SITE", None) if not site_name: print("Define a site to query with SITE environment variable") sys.exit(2) site_name = site_name.upper() if args.introspection: introspection_data = get_introspection_data(site_name) print(introspection_data) sys.exit(0) devices = get_devices(site_name) vms = get_vms(site_name) servers = devices + vms if args.list: hosts = generate_inventory(site_name, servers) print(hosts) elif args.host: pass

January 10, 2019 · 3 min · Memo Garcia

Some Richard Feynman videos

The World from another point of view Fun to imagine Knowing versus Understanding

January 4, 2019 · 1 min · Memo Garcia

Waju - A fun and brutal game

Waju or whatever is called is a game that until this day I don’t know from where it comes. But, is fun. Edit: The game is based on a German game called Mensch ärgere Dich nicht Goal The goal of the game is very simple: Move your marbles for one lap from your home to your goal. Don’t worry about winning but don’t let anyone else win. Have fun. Board ...

January 4, 2019 · 4 min · Memo Garcia

Beyond PEP 8 - Best practices for beautiful intelligible code

January 3, 2019 · 0 min · Memo Garcia

Linux on Huawei Matebook X Pro

This laptop has very decent specs: 8th Generation Intel® Core™ i7-8550U processor GPU: NVIDIA® GeForce® MX150 with 2 GB GDDR5 / Intel® UHD Graphics 620 16 GB LPDDR3 2133 MHz BT 4.1 (compatible with 3.0 and 2.1+EDR) 512 GB NVMe PCIe SSD Don’t expect running workstation level workloads in this machine but it is a wonderful dev machine. Things I don’t like about the laptop Palm rejection on Linux Sound, it only outputs sound to two speakers on Linux and it has a werid noise under high volumes. BIOS configuration is too limited (but this is Huawei’s fault) Update 14/Jul/2019 ...

December 4, 2018 · 3 min · Memo Garcia

Deploying OpenStack with Docker

Note This is a Work-In-Progress Document and the most up-to-date information is available at: github.com/memogarcia/openstack-deployer Deploying OpenStack using containers allows easy customisation and flexibility on how to deploy the platform for development, testing and production environments. Current deployment: stable/queens Host configuration The default configuration for this environment is composed by 3 main components that need to run on the host: Docker Libvirtd OpenVSwitch Docker will act as the control plane for OpenStack while the host will provide the hypervisor, network and storage. ...

May 5, 2018 · 2 min · Memo Garcia

Becoming a Certificate Authority (CA)

A Certificate Authority or CA is an entity that signs digital certificates. These digital certificates are used to validate the connection while using secure mechanisms. Generating a root CA We will use a root CA to create intermediate CA’s which are trusted to sign certificates on its behalf. First, prepare the environment. mkdir /root/ca && cd /root/ca mkdir certs crl newcerts private chmod 700 private touch index.txt echo 1000 > serial Then download the template for /root/ca/openssl.cnf from this gist and edit it. ...

February 5, 2018 · 3 min · Memo Garcia

Pratai, event driven platform for OpenStack

Note This is a Work-In-Progress Document. Read the docs at memogarcia/pratai-docs Abstract Pratai provides an incredibly flexible and resilient platform to migrate workloads to the cloud that respond to events without having to manage any server or network. How it works The goal of Pratai is simple. Deploy “code” (disclaimer, from now on I will refer to code as functions), that will react to an event without worrying about anything else, the platform handles the execution. Simple right? ...

January 5, 2018 · 6 min · Memo Garcia