Posts

These are the songs I was listening to this year. Ni**as In Paris – JAY-Z, Kanye West – Watch The Throne Closer – The Chainsmokers, Halsey – Closer Starboy – The Weeknd, Daft Punk – Starboy Cake By The Ocean – DNCE – DNCE Party Rock Anthem – LMFAO, Lauren Bennett, Goon Rock – Sorry For Party Rocking Through The Wire – Kanye West – The College Dropout Flashing Lights – Kanye West – Graduation WTF (Where They From) – Missy Elliot, Pharrell Williams – WTF (Where They From) Amerika – Wintersleep – The Great Detachment Temperature – Sean Paul – The Trinity Can’t Feel My Face – The Weeknd – Beauty Behind The Madness Ghosts ’n’ Stuff – deadmaus, Rob Swire – For Lack of a Better Name Turn Down for What – DJ Snake, Lil Jon – Turn Down for What Beautiful People – Chris Brown, Benny Benassi – F.A.M.E. Downtown – Macklemore & Ryan Lewis – This Unruly Mess I’ve Made Elastic Heart – Sia – 1000 Forms Of Fear Chandelier – Sia – 1000 Forms Of Fear Nightcall – Kavinsky – Nightcall Why’d You Only Call Me When You’re High? – Arctic Monkeys – AM Rock DJ – Robbie Williams – Sing When You’re Winning Paper Planes – M.I.A. – Kala Somebody That I Used To Know – Gotye, Kimbra – Making Mirrors Cheap Thrills – Sia, Sean Paul – Cheap Thrills Lean On – Major Lazer – Peace Is The Mission Give Me Everything – Pitbull, Ne-Yo, Afrojack, Nayer – Planet Pit Through the Night – Grum – Heartbeats Hypnotize - 2014 Remaster – The Notorious B.I.G. – Life After Death Big Poppa - 2005 Remaster – The Notorious B.I.G. – Ready to Die Still Not a Player – Big Pun, Joe – The Legacy: The Best of Big Pin Break Ya Neck – Busta Rhymes – Genesis It Was A Good Day – Ice Cube – The Predator Working For It – ZHU, Skrillex, THEY. – GENERATIONWHY Wrong – Depeche Mode – Sounds Of The Universe Thinking out Loud – Ed Sheeran – x Watch Me (Whip / Nae Nae) – Silento – Watch Me (Whip / Nae Nae) Mad World – Gary Jules, Michael Andrews – Trading Snakeoil for Wolftickets M.A.D – Hadouken! – M.A.D. New York Groove – Ace Frehley – Kiss; Ace Frehley Red Alert – Basement Jaxx – The Singles Hold Me – Delta Heavy – Overkill / Hold Me Shape of You – Ed Sheeran – Shape of You Move Your Feet – Junior Senior – d-d-don’t don’t stop the beat Down By The Water – PJ Harvey – To Bring You My Love Welcome to the Black Parade – My Chemical Romance – The Black Parade Daydream Believer – The Monkees – The Birds, The Bees, & The Monkees Abracadabra – Steve Miller Band – Abracadabra Jumper – Third Eye Blind – Third Eye Blind Ruiner – Nine Inch Nails – The Downward Spiral Break My Stride – Matthew Wilder – ’80s Pop Hits You Make My Dreams (Come True) – Daryl Hall & John Oates – The Essential Daryl Hall & John Oates Boogie Wonderland – Earth, Wind & Fire, The Emotions – I Am September – Earth, Wind & Fire – Now, Then & Forever Modern Love – David Bowie – Legacy Let’s Groove – Earth, Wind & Fire – 80s 100 Hits Give It Up – KC & The Sunshine Band – 80s 100 Hits I Believe in a Thing Called Love – The Darkness – Permission to Land Swish Swish – Katie Perry, Nicki Minaj – Witness Hotline Bling – Drake – Views And that’s it for 2017! See you next year! ...

This article assumes intermediate knowledge of an EC2 instance’s lifecycle and various AWS services. When an Linux EC2 instance starts up, user data runs as part of the cloud-init system. This allows system administrators to configure an EC2 instance at runtime, exactly once, as user data does not automatically run ever again once the server has started. At Unbounce, we built our user data to install our services onto the machine at runtime, then configure it for the specific environment (production, staging, etc.) that it required. One issue was what to do with failures within the user data script. When a failure happens and fails to start the service successfully, the machine (if behind an auto-scaling group) will be terminated and we lose why the user data failed. The first fix for this is to use off-box logging, like Cloudwatch Logs or, in our case, SumoLogic. That helped, but the turnaround time between the log service receiving the log entry and developers being notified can reach upwards of 5 minutes. By that time, the box is dead and gone. And this all assumes that enough user data ran to configure and start the off-site logging service successfully. ...

During beer o’clock at work, I happened upon Roman, who is a software developer on our API and Integrations team. He asked for my opinion on creating a sort-of “contract” between teams when setting up SNS topics and subscribing them to SQS queues. Now, this is how conversations with me often start. I’m a software developer by trade, but I have my feet in cloud infrastructure and security as well so, at the very least, I’m a good sounding board for people’s architecture ideas. I pushed a bit deeper and he finally relented and stated that he doesn’t want to think about the infrastructure, only the contract between teams and, really, he wants to emit an event and have it consumed by someone else… if they care enough to consume it. ...

Recently, the CodeCommit service from AWS became available in Canada (ca-central-1 region). As I’m Canadian, I like to keep my hosting as close to home as possible, for myriad reasons, but mainly because each commit getting appended with “eh!”. The CodeCommit service from Amazon (AWS) hosts Git repositories. That’s about it. It’s no Github or Gitlab, but it does ensure at-rest encryption and access is limited to specific IAM users. If you just need private Git hosting for free (or on the cheap) without any WebUI help, CodeCommit is good. ...

Secrets management is a constant topic for debate in tech and security circles, even more so for users of cloud providers. There are solutions like Hashicorp Vault, Sneaker, and Credstash (even a locked down S3 bucket) that we have looked at using at Unbounce. Each solution has its own level of complexity to setup and maintain. All of these solutions suffer from the same problem, which I like to call “Step 0” or, how the heck do I manage the master key that unlocks everything? At some point in the encryption process, trust has to be established and that is the point where encryption cannot be used (Step 0). ...

Gitlab CI is amazing. I love how well it works… when you finally get it setup correctly. With Go, some of the articles on the Web state that you need to install the entire Go environment. These articles are out of date. Getting everything working made the YAML file messy and convoluted. With recent updates to Gitlab, just use the golang docker image from DockerHub (it’s an official image, so it’s safe). My gitlab-ci.yml file now looks like this: ...

I have worked for many companies in my career and noticed some basic trends regardless of size, industry, or composition. I’m labeling these trends the Four Horsemen of Companies, and each one is named after a specific type of inflammation (-itis). My advice to budding job seekers is to work for a variety of places so that experience and understanding can be gained. If you only work for one particular type of company, you and the company end up being more prone to these horsemen than you think. If you are already employed, consider whether any of these horsemen are already present in your organization. ...

This article demonstrates how you can quickly rotate your AWS keys in 2 minutes. Anything longer and I’m certain that nobody will do it. This is important as you should be in the habit of rotating these credentials often. Personally, I set reminders to change my keys every 30 days. Caveats You must have only one set of access keys created. Your IAM policy must allow you to manage your own keys. You must know where you store your AWS credentials (everyone is a bit different here). Key Rotation Process The process is thus: ...

I purchased business cards awhile back but I never wrote anything about it. They are personal business cards, I needed them for situations where I am meeting new people. I am actually fairly shy about giving them out, it is surprising that some people think business cards show how outdated you are, yet they are still used quite a lot in other countries and non-tech industries. Here is what the cards look like: ...

For the past few years in the software development world, there has been a push to break-up monolithic applications into microservices. These smaller pieces of code perform one task and contain a small amount of code. Often, these microservices are contained within Docker images and reside on shared infrastructure. At first, it seems that there isn’t much of a place for infrastructure in a microservices environment. But I want to introduce the concept of nanoservices to everyone. These are even smaller than microservices and contain basic logic that infrastructure teams manage on a daily basis. ...