Storing Assets in the Database
It seems common for web site builders to want to store binary objects associated with a site in the database that drives it. Based on my research, it also seems to be nearly universally cautioned against by folks with experience. Those folks make good arguments.
Regardless, I'd prefer to minimize my need to manage mutable shared disk storage. I don't see a way around storing audio files (to be streamed) on disk; pulling those files from a database as binary objects thwarts the web servers' ability to stream the data. But I can store small-ish images that accompany articles in the database without too much adverse performance impact.
August 19, 2016
Azure Template Extraction
Packer prints out some details at the completion of each
packer buildrun for Azure systems. That detail includes a Shared Access Signature URL for the image template required to execute an
azure group deployment createcommand to get a virtual machine up and running.
There are a couple of
packercommand-line switches to accommodate the extraction of that information so that it can be fed programmatically in to a deployment pipeline:
July 27, 2016
Floating Over Redmond
A Blue Sky Strategy
The stars have aligned such that I find myself driven back to the cold embrace of the spawn of Gates and Allen.
Or a more positive perspective: I've been afforded the opportunity to expand my knowledge of IaaS cloud offerings beyond my native Amazon Web Services. For the last couple of weeks I have been (and for the foreseeable future, will be) stumbling through the thick fog of Microsoft Azure.
July 19, 2016
The Hard Way
Splicing via Parameter
A couple of weeks ago I was attempting to add functionality to this site to permit the retrieval of articles individually. I found it challenging to locate any working examples where data from an HTTP parameter is used to form a query to pull down results from a database to be used in a compiled splice. Here's what I eventually came up with:
May 06, 2016
TLS, HPKP, and HSTS
I've put some effort in to ensuring that the transport security for this site leverages the latest technologies available. To that end, I've enabled HSTS (to ensure that client browsers know to only request this site over HTTPS) and HPKP (to instruct client browsers to only accept a connection made with the correct public key).
April 19, 2016
I came up with this some years back and recorded it a few weeks ago. I'll probably add to it over time. I recently moved (most of) my media files in to my database. I know that's not a popular choice (for good reasons), but I want to maximize my flexibility in posting images and audio files while minimizing my need to rely on shared storage (so that I can quickly spin servers up in AWS, Azure, LXC or Triton).
April 18, 2016
Visited Lavelle Vineyards this weekend.
April 18, 2016
Adventures in Haskell
I've decided that I need to make a real effort to understand functional programming.
April 06, 2016
CSS Tables with Fixed Headers
I’ve been using a table in one of my web applications for a while that's bothered me. The table displays NetFlow data and may contain many thousands of lines with fields of varying lengths (e.g., shorter fields for IPv4 addresses and longer fields for IPv6 addresses). To allow for maximum flexibility, I've defined the table using percentages so that it can be expanded to full screen or to occupy a smaller window.
The aspect that bothered me the most was the header. To get the labels to line up correctly, the header needed to be part of the larger table to accommodate the flexible field widths; if I wanted the labels to line up, it could not be defined as an outer table with an inner div that allowed for scrolling as many sites suggest. This meant that the header would scroll off the page when the data was accessed. However, I finally figured out a way to overcome that difficulty.
August 01, 2011
No matter how much you might resist using matrix transformations with SVG documents, if you intend to modify an image dynamically (and cumulatively), matrixes are your only viable option.
Many sites tell you that you should use matrixes, ostensibly for speed purposes. In my opinion, speed is not the issue. The issue is the complexity associated with applying multiple transformations to an element; you just can't do it with simple transformations (e.g., rotate, translate, skew and/or scale).
February 19, 2011
Snort IDS and Flower
Snort IDS Events and Flower
Over the last couple of weekends I've added the ability to capture and report on alerts generated by Snort IDS sensors. The additional code consists of: modifications to the Analysis Server to store and retrieve IDS related data, modifications to the Visualization Server to present that IDS data in a meaningful manner, and a new Python-based module that is installed on the IDS sensor itself.
That last component opens a local UNIX domain socket on the sensor. Snort is then configured to log alerts to that socket. When data is received on the open socket, the Python code parses the alert and opens a web services connection to the Analysis Server to deliver the results.
November 20, 2010
Flower NFA Update
Flower NFA Update
I've made some significant updates both to the Flower Visualization Server and to the supporting Analysis Server:
October 07, 2010
OpenIndiana on XenServer
OpenIndiana and XenServer
Now that OpenSolaris is officially dead and the drama has died down a bit, I thought it might be time to figure out how to install OpenIndiana on my XenServer. I've heard some say that you can't install the new distribution on Xen as a domU, but that is demonstrably incorrect (although as I understand it, dom0 is presently out of the question due to Oracle pulling out the relevant xVM bits).
Installing OpenIndiana 147 on XenServer 5.5 is nearly identical to installing OpenSolaris on the same (as would be expected considering OpenIndiana’s roots).
October 01, 2010
Nmap Gone Wild
Might need an adjustment
I think it might be time to add a sensitivity parameter to my network mapping code:
August 16, 2010
Git Repository Available
I've published the Analysis Server code out to GitHub.com. Instructions for building and deploying the server from source (using Ant - NetBeans is not required) are included on the Wiki.
This is a screenshot of the Visualization interface as currently available at https://app.jdthomas.net:
August 13, 2010
Unusual Flow Patterns
I've been noticing some interesting patterns using my Flower Analysis tool.
July 15, 2010
Flower on EC2
Flower EC2 AMI Available
Here is a current shot of the Flower console:
July 08, 2010
Installing NexentaCP 2 RC1 on XenServer 5
Although Nexenta uses the OpenSolaris kernel, there are a few unique steps that you'll need to take in order to get Nexenta up and running paravirtualized (PV) on XenServer 5. These steps are a result of the lack of certain files in the default ramdisk on the Nexenta installation CD.
Also, the CDROM device seems to be handled differently in Nexenta than it is in OpenSolaris. As a result, these instructions will require you to fully install Nexenta in HVM mode and then flip the right bits to convert it to PV.
April 03, 2009
Updating OpenSolaris on XenServer
Updating OpenSolaris on XenServer 5
Following my previous post from December on installing OpenSolaris 2008.11 in a para-virtualized environment on XenServer 5, I thought it might be helpful for some folks to understand how to update their new virtual machines. A commenter on the original article (Thanks phrost!) discovered some of this. Since originally installing the 2008.11 release, I’ve switched to the development repository and I've been tracking the pre-release 2009.06 code.
When an "Update All" operation is performed on the OpenSolaris machine, a new Boot Environment (BE) is created. This new BE will be suffixed with a
-#as an iteration to the original BE (e.g., an original
opensolaris-1which would later become
February 27, 2009
OpenSolaris on XenServer
XenServer 5 and OpenSolaris 2008.11
I really enjoy the XenServer product from Citrix (formerly XenSource). It's relatively lightweight, self-contained, works with my hardware, provides para-virtualized drivers for Windows and is free. The latest revision (v5 as of this posting) has also eliminated many of the crippling aspects of the v4 "Express" series.
However, perhaps the most frustrating limitation of XenServer is its lack of support for non-Linux/Windows operating systems. Some operating systems can be shoe-horned in as HVM guests, but performance is nothing short of abysmal.
December 22, 2008