Archive for the 'Admin' Category

OSDC 2016

This year was my second OSDC, and the first one as a speaker. Thanks to Netways for organizing this great conference (and also for inviting me to talk there). The conference archive for 2016 with all presentation slides is now online.
Read the rest of this entry »

Chemnitzer Linuxtage 2016

CLT2016-Tasse

Und noch ein kleiner Hinweis: Bei den Chemnitzer Linux-Tagen sind nun seit einigen Tagen die Audio-Aufzeichnungen der Vorträge online.

Getreu dem Motto „Es ist Dein Projekt“ fand ich viele Vorträge recht kleinteilig und bastelig (à la „Meine drölfzigste Raspberry Pi Lampensteuerung“). Meine persönlichen Highlights waren dann auch zwei Vorträge, die mehr zu meinem eigenen Arbeitsbereich passen: Valentin Haenels Vorstellung des AWS Federation Proxy (leider noch ohne Audio) und René Kochs Übersicht zu oVirt.

Links 2016-01-19

A few good articles on cloud development and operations.

  • Sort out deployment first, Lars Wirzenius
    It is tempting to start a new project with the interesting bits, but it’s often a mistake. One of the first steps in a new project should be to sort out deployment: getting the software installed and configured so it can be used.
  • 5 AWS mistakes you should avoid, Michael Wittig
    Useful to evaluate your own AWS web application.
  • 12 Fractured Apps, Kelsey Hightower
    Once Docker hit the scene the benefits of the 12 Factor App (12FA) really started to shine. […] Unfortunately legacy applications, including the soon-to-be-legacy application you are working on right now, have many shortcomings, especially around the startup process.
  • Moving a team from Scala to Golang, Jim Plush
    You can jump into any Go project and know immediately what it’s doing. Do I miss immutable types and some of the great features of Scala? Sure do, but I think the maintainability side of the story is too great to overlook with Go.
  • Ansible 2.0 Has Arrived
    After a year of work, we are extremely proud to announce that Ansible 2.0 (“Over the Hills and Far Away”) has been released and is now generally available. This looks like a big step forward. Finally Ansible gets a usable parsing/error reporting and with the new execution strategies you no longer have to update all hosts in lockstep.
  • What’s in a Name?, Geoff Huston (ISP Column Dec 2015)
    What’s the difference between .local and .here? Or between .onion and .apple?

New Year’s Crypto Cleanup

Just did some housekeeping of my server I want to document.

Most importantly I got myself a Let’s Encrypt TLS certificate for this blog (and my mailserver), so you no longer have to deal with my self-signed cert to use HTTPS. There has been some discussion about their official client tool, but for a first release it does not seem to be too bad; at least it is written in Python and not in Java or Scala etc. The ACME protocol itself looks sensible and I look forward to more lightweight implementations in the future.

Having a public CA also gave me the opportunity to add an HTTP Strict Transport Security header. Now the next step would be HTTP Public Key Pinning, but that is still out of range for a non-professional website; because Let’s Encrypt may still change their intermediary CA certificate and I also do not have a backup CA that I could use in case of a problem. (BTW, nice HPKP advice on the Let’s Encrypt community site.)

Somewhat related I also expired my old 1024 bit PGP key from  as well as the PGP key of my former work address at DECK36. (BTW, here is a nice description how-to edit gpg key expiration dates by George Notaras.) In order to reach me securely please use my current PGP key (0x4dc5e2280a327754, also on my Contact page).

Interesting Programming Languages

One personal goal this winter is to do more programming in beautiful languages.

At this moment I am quite excited about Python 3, Perl 6, and Go. Read the rest of this entry »

Chemnitzer Linuxtage 2015

CLT2015 Tasse

IPv6 Nameserver

Ganz ohne Ankündigung hat mein DNS-Provider irgendwann in letzter Zeit seinen Nameservern endlich auchIPv6-Adressen gegeben.

Das war der letzte Schritt um meine Website aus einem IPv6-only-Netz heraus erreichen zu können. Und gleichzeitig der letzte Schritt für mich um ein schönes T-Shirt von HE.net zu bekommen  ;-)

My First FreeBSD Port

A nice surprise last week: textproc/libcrm114 became my first official FreeBSD port.  :-)

Read the rest of this entry »