Friday 7 December 2012

Managing my ubuntu security patches

I use ubuntu server as my key linux development environment.  It is fairly up to date and today in fact that is the topic of my post.  Many a time Ubuntu tells me that there is a whole bunch of updates that I have to install and I dont have the patience to figure out which ones are needed and why.  While I have always wanted to get the security updates installed, I really didnt want to install all the updates.

That is when I found out the gem of a command, unattended-upgrade.  Just issuing this from time to time took care of installing all the security updates and let me decide what I want to install later.  


sudo unattended-upgrade

Hope this post will help you also address this simple but essential update need on your ubuntu instances.

Thursday 5 July 2012

Wrestling with gevent-socketio

I just spent most of last week attempting to get gent-socketio to work. First problem that I ran into was that nobody seems to have used it with adobe flash based fallback on browsers that do not support websocket.   This method is referred to in the socket.io library as flashsocket.  I was pretty confident that nobody has tried it since the swf file required by socket.io was missing in the distribution.  I fixed that by checking in the swf file into the bit repo.   That was the easy problem to fix.

The second challenge was that socket.io has a concept of namespaces which are essentially logical boundaries r messages so that one physical connectioncan be multiplexed by multiple capabilities on a given page. There are two confusing concepts plus a potential bug that really confused me.  In the socket.io world you would use a namespace by specifying it in the io.connect() call on the client. Thus if you wanted to use the namespaces foo and bar. 

You would use the following code

fooconn =io.connect('http://myserver.com:8000/foo')
barconn =io.connect('http://myserver.com:8000/bar')

Now the confusing part is that the client library will use the host and port specified to connect to the server but would use the 'foo' /'bar' as the namespace as part of the socket.io protocol and the actual URL requested  on the server would be

http://myserver.com:8000/socket.io/

If you want to change the URL you have to send a key:value pair as part of the connect call like so

fooconn =io.connect('http://myserver.com:8000/foo', resource:"myurlprefix")

This will make the client library generate an URL of http://myserver.com:8000/myurlprefix/  and the namespace within the protocol would be 'foo'.  If you want to change the URL prefix then you have to change it on the server side as well. You do that by specifying the resource parameter on the server side if you are using a node.js server.  On python gevent-socketio libry theword resource is deprecated and you instead have to use the key 'namespace'!!! 


Well I just couldn't figure out all this complexity myself.  Thanks to Daniel Swarbrick who gave me some very detailed help I finally got my hands around the library. Thanks Daniel.

Hope this little explation gives you a background on what to look out for in gevent-socketio.  I will keep posting on any other gotchas that I runinto when I play with this library.

Tuesday 26 June 2012

Using Monit to monitor a Redis instance

I have been using Redis for a long time now (since version 1.x) - the challenge has been how to start and manage an instance and get alerts when it is consuming too much memory.  This is where Monit comes in - it can monitor various Unix daemons and provide a single dashboard to view status, manage restarts etc.,

Here is how I have configured monit to watch redis


 check process redis with pidfile /var/run/redis.pid
   group redis
   start program = "/usr/local/bin/redis-server /etc/redis/redis.conf"
   stop  program = "/usr/local/bin/redis-cli shutdown"
   if failed unixsocket /var/redis/redis.sock
        send "SET MONIT-TEST value\r\n"
        expect "OK"
        send "EXISTS MONIT-TEST\r\n"
        expect ":1"
   then restart
   if 2 restarts within 2 cycles then alert

This worked fairly well with Monit not only monitor an instance but also tries to put a key and test and make sure that the redis instance is running fine.

Monday 25 June 2012