The Dark Side of Puppet Forge (et al.)

Let me preface this by saying I don’t think this is unique to Puppet Forge, and the problem isn’t even with Puppet Forge itself. Puppet Forge provides an excellent resource for the Puppet community, and I think it provides tremendous value.

But I think that a push towards “configuration management everywhere”, combined with reductions in resources, leads folks to think that resources like Puppet Forge are a panacea.

Sherman, set the Wayback machine….

A couple decades ago, as Visual Basic started to become popular, and various development platforms were created for simply making programming “attach this pre-made module to that pre-made module and plug in a couple values”, the industry (rightly) cried foul that people would confuse an ability to assemble the software-development version of Lego with actual programming. The difference in ability between “constructing a house from scratch” versus “sticking together some pre-fab materials” was an apt analogy.  Some people didn’t necessarily understand how their code worked, or even what it was doing, and still bandied around the title of “programmer”. To a large extent, we’ve dissuaded that sort of practice from continuing (near as I can tell).

In the system administration community, we need to be wary of falling into the same trap. There’s a world of difference between going to Puppet Forge and grabbing a pre-made manifest for managing “OpenLDAP”, and installing OpenLDAP (even just from yum/apt) and then configuring it yourself. (Better still would be the level of knowledge imparted by compiling from source, but install/configure is a good middle-ground).

When sysadmin’ing a given package becomes “I grabbed the module from PF and installed it, and now it works”, a lot of the knowledge necessary for day to day maintenance is simply missing. What files were installed where? Why were they installed there? Configuration options in a Puppet module that seem benign might actually have much longer-lasting ripple effects than you can realize.

As I said, Puppet Forge is an excellent resource. But it is no substitute for understanding how to do the install in the first place. Puppet Forge should be used for ideas about “how to configure YOUR module,” as opposed to being “the module you use”.

While that seems like I’m saying “reinvent the wheel every time,” because of some weird theme of “not invented here” syndrome, I’m not. What it means is that after the application is installed, months down the road, there’s going to be some sort of problem with it. And if all you know about the configuration of the application is what was exposed to you (or worse, your predecessor) by the pre-made module that was downloaded, your ability to diagnose problems with that application is going to be substantially reduced. Having configured it yourself, from the ground up, and then built a Puppet module on your own (or by referencing existing modules) to recreate that config is most definitely the path to success.

As a profession, we need to be wary of falling into the trap of “Oh, this is an easy and quick way to solve this, and I’ve got so much other stuff to get done today before I go home.” This is the sort of problem which silently lurks below the surface, and wreaks untold damage when it goes foul.

We’re still early enough in the adoption of “config management everywhere” that it’s not too late to change the direction our collective mindset is heading; to ensure that we don’t end up in a realm of tech-skills disparity the way the programming industry did in the not-too-distant past.

The Ecology of the Goa’uld

(Non-sci-fi-nerds.. just turn away, this is the sort of thing you probably beat up kids in high school for talking about).

So I’ve been re-watching Stargate SG-1 (Wikipedia) (IMDb) on my morning and afternoon commute, and something has been bugging me.  I dug around on SG-1 fan sites and couldn’t find a satisfactory answer, hell even a discussion, of the topic.

Throughout the course of the series we encounter maybe a dozen Goa’uld – the System Lords. Which gives us the impression that Goa’ulds, in hosts, are uncommon. This would make sense as well, since the Goa’uld fool everyone into thinking they are gods, and there can’t be a lot of gods.

But we see literally hundreds of thousands of Jaffa throughout the show. The Jaffa carry, in their bellies, Goa’uld symbiotes that are maturing.

And so my question is:  Where the fuck are those symbiotes going when they mature?

Sure, some of them are dying – en masse – in various conflicts. But surely some of them are surviving, reaching maturity, and … then what?

At the rate symbiotes are growing inside Jaffa there should be planets full of matured, fully hosted, Goa’uld (just, presumably, ones who aren’t System Lords, and aren’t going around pretending to be gods, unless the faithful are supposed to believe in a pantheon of a billion all-powerful deities, which would strain credibility).

Why have we never even heard of this society in the course of the show? It seems to be a glaring plot-hole that I’m just surprised nobody has mentioned before. I feel like I must be missing something.

The Kindle

So, this week, I did something I’d been reluctantly avoiding for a while: I bought a Kindle.
I’m still somewhat “anti-Kindle”, even after its purchase. Is it a cool device? Absolutely. At a purely “geek/technical” level, it’s a great little device.
My beef with the Kindle has always been that my grandfather bestowed his genetic makeup on me when it comes to a love of the printed word. I remember thumbing through walls of books that he had taken great care of his entire life… borrowing books that clearly had been in “The Library of John F. Balling” (as the embossed title page would tell you) for decades. There was a shared bond, that my hands were turning those pages just as my father’s might have, and my grandfather’s before that.
And a Kindle is completely incapable of that sort of history.
D told me, when we discussed it, that we could always buy (again) the dead-trees version of a book if it was “worthy of permanence”, but by the same token, there were books in my grandfather’s collection that I remember reading that weren’t, necessarily, “life-changing permanent-collection” books, but were just common paperbacks.
But, I try to keep an open mind (no, really, I do, I’m just not always successful!), and recently had a couple bucks to spare and decided to take a chance, and see if I liked it. Easing my mind was the realization that I could treat the Kindle like a USB drive on my Mac and rip the DRM’ed books off of the unit, and stash them somewhere else (in case Amazon decides to delete them from peoples’ units, or in case the technology sucks, etc., etc.). By having copies of them at least, I can always break the DRM later (using the DMCA’s interoperability exception as the legal basis), so there’s more of a feeling of “ownership” than of being some crummy “licensee” (even if the Kindle terms and conditions are clear that it’s the latter… at the end of the day, the reality is much more important than the legalities on something like that).
So, … any suggestions of good books to download to my Kindle? 🙂

Twitter Boot Camp?!!

Yes, that’s right, kids, if “how to type meaningless crap in under 140 characters” is something you’re having trouble figuring out, O’Reilly is running a Twitter Boot Camp. For the low-low price of $399, you too can be “trained” on things that are essentially covered in the help pages of what has to be the simplest and yet most inane product ever devised on the web (and let’s be honest, that’s saying a LOT).
What’s more, there’s the option of UPGRADING to the boot camp plus a “talk twitter dinner” with Tim O’Reilly, for $1500. Now, meaning no disrespect to Tim, because he’s a fine human being and he keeps robo-signing my quarterly royalty checks, but …. SERIOUSLY!?! $1100 extra to “talk about Twitter” with Tim over dinner? For fuck’s sake, that dinner better be cooked personally by Mario Batali at that price, and include full-GFE with someone cute, because that’s just insane.
You can go to the O’Reilly Open Source conference (or, frankly, almost any conference O’Reilly runs) and sit down at the same table as Tim at lunch and eat a meal with him, and I’m sure he’d happily discuss Twitter, or Perl, or web 2.0, or whatever other topic you brought up, because that’s the kind of guy he is. He loves to chat about tech issues. There’s nobody so hard up to talk to Tim that they need to pay $1100 to do it, when Tim does it for free all the time. 🙂
It truly is a world gone mad, I tell you…..

iTunes Library Management (and Hierarchical Storage)

Dear Lazyweb….
I have a huge iTunes music library (about 65GB worth). Right now, that all sits on my laptop, gets backed up when I back up my library, etc., etc. At any given time, I’m really probably only “immediately interested” in, maybe, 10% of that.
I’ve got a NAS in my basement. In my perfect world, there would be some software I could run which would keep my NAS as my “main repository” but give me the option of dragging stuff from my NAS into my “currently deployed” iTunes library. This would free up space on my laptop, make my backups faster, and just be overall easier to deal with.
If I had a “spare” Mac running, with space available, I could use SuperSync to shuffle tunes (and their meta-data) between the two systems, but I don’t see any easy way to do that just with some spare NAS-space.
Anyone done this before and have some pointers?

Building The Millennium Falcon

A couple years ago, I built the Lego Star Destroyer, and took some pictures along the way. While that was interesting and all, it was nowhere near as creative as this guy who decided to make a movie out of the construction of his big-ass Millennium Falcon Lego creation. He took the opportunity to make a 10-minute stop-motion film complete with construction workers, stormtrooper attacks, cleaning crews, you name it. The level of detail in this little flick is amazing, and I sat mesmerized watching it….
Building the LEGO Millennium Falcon from Gizmodo on Vimeo.

An Awesome Night

Last night, when I should have been at the Blue Man Group show, I was passed out sick in bed at the Bellagio. My boss went to the show without me (can’t say that I can blame him).

What’s interesting though, is what I missed out on last night. Before the Blue Men come on stage, they “warm up” the audience by introducing visiting celebrities, dignitaries, etc., on an LED scroller-board, ask them to stand up, tell the crowd what they’re famous for, ask the audience to applaud for them, or scream their name, or whatever. And then at the end the “last” person is just a nobody. The board says something like “SOANDSO IS JUST A NORMAL PERSON. EVERYONE SAY ‘WE LOVE YOU SOANDSO'”.

Last night, while I was not in the theatre, I was the “normal person”…. they rattled off my name, asked me to stand up (I never asked my boss if he stood up in my place), etc., etc….

My boss showed me pictures he took, and I was sad. I had missed something that would have been really funny-cool.

Tonight though…. I got something far….. FAR cooler.

I got to be on-stage with Penn and Teller. More importantly, I got to participate in a trick I have always wanted to participate in – The Magic Bullet trick.

The principle of the magic bullet trick: There is a yellow line down the center of the stage which NONE SHALL PASS. On one side of the stage is Penn, with a .357 Magnum revolver with a laser sight. On the other side is Teller, with an identical weapon. Two audience members are called up, on either side of the stage. They specifically ask for people “who know guns”. Each volunteer selects a bullet at random from a bullet purse. You then sign the head of the bullet with distinctive markings. The volunteers also draw a distinctive picture on the shell casing (both in your choice of Sharpie colors). The volunteer then is invited to inspect the weapon, and verify that it is what it appears in all respects to be… a badass Colt Python with a laser scope. The volunteer then, seeing his autographed shell-casing go into the cylinder, pushes the bullet into the cylinder, and observes the closing of the cylinder. Penn (and Teller) both at this point are holding the weapon away from their bodies and in plain sight the entire time. Two pieces of plate glass are also inspected by the volunteers to ensure that there are no pyro devices attached, and that it is real glass.

The guns are placed in holders on stage (again, in full view) while they go suit up into body-armor. The volunteers are shuffled offstage while this happens. They then proceed to come out, aim the weapons at each other through the glass, and fire the weapons at each other. They then turn to the audience to show, in their teeth, bullets they have “caught”. The volunteers are called up on stage to take the bullet out of the opposite side’s mouth, and confirm that it has their initials on it. They then return to “their” magician, and remove the shell-casing from “their” magician’s sidearm, and confirm that the shell-casing is the one they signed. The bullet is inspected for striations from the barrel. Both the bullet and the casing are inspected for evidence of having been fired. The volunteer also inspects the glass to confirm that the hole goes all the way through the glass (which does not shatter but just has a big-ass hole in it).

I’ve seen this trick done by Penn and Teller a dozen times in various forums (live, TV, etc.). I’ve watched it on television and from the third row. And every time I’ve come away with the same feeling – it HAS to be a pair of plants. The only way I could see that it works would be to have the volunteers be in on the gag, signing the other’s initials on the bullet, or something like that.

But now I know… it can’t be dependent on a plant, because yours truly now has in his possession, one used bullet and shell-casing, plucked from Teller’s teeth (well, technically spit into my open hand, but the principle is the same).

My latest theory would be that there is some sort of MASSIVE misdirection that enables each of them to:
(more after the break, in case you’re squeamish about magic-trick reveals)


High Performance MySQL, Second Edition

I’m pleased to say that the Second Edition of High Performance MySQL is now available for purchase from
Baron, Peter, Vadim and Arjen did an excellent job updating the first edition, bringing it current to support 5.0 and 5.1 flavors of MySQL, expanding the content of the previous edition by more than doubling its size (from a first edition page-count of 275, to a second edition page-count of 708). There’s a lot of good stuff in there, and if MySQL administration is your daily grind, picking up a copy would be well-advised.


This will be meaningless to a good chunk of you. Just ignore me, if that’s the case.
Don’t ever buy 0U PDUs. If you’re thinking about it, don’t. If you’re still thinking about it now, slit your own throat before you can verbally agree to the purchase. If you’ve already verbally agreed, chop off your hand so you can’t sign. If you’ve already signed, then the phrase “down not across” should become your new mantra.
Seriously, there isn’t a single fscking vendor out there that does them right. And heaven forbid you’re stuck with a cabinet configuration that’s not the Official Sanctioned and Blessed Configuration Manufactured By The PDU Manufacturer, because then you’ll be lucky if you can get the PDU anywhere near the right location, even if you use arc-welders, chewing gum, and duct-tape.
Don’t do it. Self-performed Lasik surgery would be a more productive use of your time, and far less painful.