Jekyll2023-10-23T04:55:35+00:00/feed.xmlrubysecurity.orgAnecdotes from a Linux Systems Administrator. /rootAlpha01Where am I?2023-08-05T00:00:00+00:002023-08-05T00:00:00+00:00/cloud/worklife/year-later<p>It’s exactly one year since I’ve written something meaningful on this tech blog. They’re certainly many reasons (or excuses) on why I haven’t been active these past 365 days. First and foremost is work, while I do get to work with really awesome and new technologies as part of my job as a Cloud Engineer. I do not post anything related to what I’m doing at work, since I’m obviously on an NDA with my employer.</p>
<p>Thus said, the primary reason why I’ve been fairly quiet for a year, is that I’ve been shifting my personal time off to non-tech or homelab related activities (work-life balance you can say). This doesn’t mean that I’m getting rid off my homelab or anything like that. I still have a lots of blog post drafts and ideas of new cool apps to explore and write about. As well as I’m still reading tech related books (this will certainly never stop!).</p>
<p>Excuses aside, I’m hoping to return to continue writing posts in here soon.</p>Alpha01It’s exactly one year since I’ve written something meaningful on this tech blog. They’re certainly many reasons (or excuses) on why I haven’t been active these past 365 days. First and foremost is work, while I do get to work with really awesome and new technologies as part of my job as a Cloud Engineer. I do not post anything related to what I’m doing at work, since I’m obviously on an NDA with my employer.Rancher Deep Dive2023-03-31T00:00:00+00:002023-03-31T00:00:00+00:00/books/kubernetes/rancher/rancher-deep-dive<p><strong>Rancher Deep Dive: Manage enterprise Kubernetes seamlessly using Rancher</strong> is the book to help you use Rancher and it’s associated set of technologies. My history with the Rancher set of Kubernetes technologies is not new. RKE and Rancher have been my go to Kubernetes distribution and management solution that I’ve been running in my homelab for a few years now. The primary reason being how incredibly easy it was at the time to get a fully functionally, production like, working Kubernetes cluster on my KVM homelab environment, with very minimal effort. Aside from <a href="https://minikube.sigs.k8s.io/docs/start/" target="_blank">Minikube</a> which is really aimed for a quick way to start learning Kubernetes, in my opinion. RKE/2 is still by far the best option to go, when running non-managed Kubernetes.</p>
<p>Whether you’re a beginner or advanced Kubernetes user, this book does an excellent job teaching the core Kubernetes concepts and how the Rancher ecosystem comes into place. Each chapter progresses and builds on the knowledge that was described on the previous chapters. You’ll learn from the basics of Kubernetes, to deploying a full fledge Kubernetes cluster wether on your own computer with the help of RKE/RKE2 or on the cloud using a managed Kubernetes service. I feel this both Developers and Administrators benefit equally by this book. Obviously, given that Rancher is management solution, they’ll be more content in the book regarding administrative tasks such as Kubernetes scaling, Prometheus Monitoring, OPA Gatekeeper Policy constraints, etcd backups, etc.</p>
<p>My only negative critique of this book (and its a massive one!) is that the author doesn’t go into detail regarding the different useful features that Rancher includes, that make Kubernetes multi-tenancy easier to implement. This is a massive selling point for the Rancher product, why the author decided to not dedicate a full chapter about this, completely baffles me. Kubernetes authentication can get extremely complex, however even using simple local Rancher user accounts to showcase how Rancher Global Permissions, Cluster, and Project Roles function, would’ve been sufficient to teach the readers about this awesome feature that we get when using Rancher. In my opinion this would’ve been much more beneficial than for example, the dedicated chapter for Helm usage and development.</p>
<p>This is a good book, and would highly recommend it anyone wanting to dive into the world of Kubernetes and Rancher.</p>
<h3 id="rating-35">Rating: 3/5</h3>
<p>Rancher Deep Dive</p>
<p><a href="https://www.packtpub.com/product/rancher-deep-dive/9781803246093" target="_blank"><img src="/assets/books/Rancher-Deep-Dive.jpg" /></a></p>
<ul>
<li>Chapter 1: Introduction to Rancher and Kubernetes</li>
<li>Chapter 2: Rancher and Kubernetes High-Level Architecture</li>
<li>Chapter 3: Creating a Single Node Rancher</li>
<li>Chapter 4: Creating an RKE and RKE2 Cluster</li>
<li>Chapter 5: Deploying Rancher on a Hosted Kubernetes Cluster</li>
<li>Chapter 6: Creating an RKE Cluster Using Rancher</li>
<li>Chapter 7: Deploying a Hosted Cluster with Rancher</li>
<li>Chapter 8: Importing an Externally Managed Cluster into Rancher</li>
<li>Chapter 9: Cluster Configuration Backup and Recovery</li>
<li>Chapter 10: Monitoring and Logging</li>
<li>Chapter 11: Bringing Storage to Kubernetes Using Longhorn</li>
<li>Chapter 12: Security and Compliance Using OPA Gatekeeper</li>
<li>Chapter 13: Scaling in Kubernetes</li>
<li>Chapter 14: Load Balancer Configuration and SSL Certificates</li>
<li>Chapter 15: Rancher and Kubernetes Troubleshooting</li>
<li>Chapter 16: Setting Up a CI/CD Pipeline and Image Registry</li>
<li>Chapter 17: Creating and Using Helm Charts</li>
<li>Chapter 18: Resource Management</li>
</ul>Alpha01Rancher Deep Dive: Manage enterprise Kubernetes seamlessly using Rancher is the book to help you use Rancher and it’s associated set of technologies. My history with the Rancher set of Kubernetes technologies is not new. RKE and Rancher have been my go to Kubernetes distribution and management solution that I’ve been running in my homelab for a few years now. The primary reason being how incredibly easy it was at the time to get a fully functionally, production like, working Kubernetes cluster on my KVM homelab environment, with very minimal effort. Aside from Minikube which is really aimed for a quick way to start learning Kubernetes, in my opinion. RKE/2 is still by far the best option to go, when running non-managed Kubernetes.Leveraging Kustomize for Kubernetes Manifests2023-03-24T00:00:00+00:002023-03-24T00:00:00+00:00/books/kubernetes/kustomize/leveraging-kustomize-for-kubernetes-manifests<p><a href="https://kustomize.io/" target="_blank">Kustomize</a> is one of tools that if I don’t use it often, resulting in me forgetting how it works. The last time I used this useful Kubernetes tool was about 2.5 years ago. At the time I used it to modify (patch) Helm charts, without having to touch the original chart templates. So at a high level, I knew what Kustomize is capable of doing, and what it does not do. I finally came into a situation where I needed to use the functionality of this awesome tool, so I decided to read this short O’Reilly book (or article given its length).</p>
<p>This short 46 page book is practically all you need to learn <a href="https://kustomize.io/" target="_blank">Kustomize</a>. It is divided into two chapters. The first chapter is a brief overview on the problems Kustomize is trying to solve, and how it differs from <a href="https://helm.sh/" target="_blank">Helm</a>. The second chapter is where most important content is covered in. In hindsight <a href="https://kustomize.io/" target="_blank">Kustomize</a> is a simple tool. The author does an excellent job describing the tool’s usage. With easy to follow, comprehensive examples. Anyone, even with basic level of Kubernetes knowledge can read this book, and start incorporating it in their application deployment workflow almost instantly. Reading this book along the official <a href="https://kubectl.docs.kubernetes.io/guides/" target="_blank">Kustomize Documentation</a>, is practically all its needed to become efficient in Kustomize. All while in less time their is to finish your cup of coffee!</p>
<h3 id="rating-45">Rating: 4/5</h3>
<p>Leveraging Kustomize for Kubernetes Manifests</p>
<p><a href="https://www.oreilly.com/library/view/leveraging-kustomize-for/9781098117078/" target="_blank"><img src="/assets/books/leveraging-kustomize-for-kubernetes-manifests.jpg" /></a></p>
<ul>
<li>Chapter 1: Kubernetes Application Deployment and Reuse</li>
<li>Chapter 2: Key Strategic Functionality Provided by Kustomize</li>
</ul>Alpha01Kustomize is one of tools that if I don’t use it often, resulting in me forgetting how it works. The last time I used this useful Kubernetes tool was about 2.5 years ago. At the time I used it to modify (patch) Helm charts, without having to touch the original chart templates. So at a high level, I knew what Kustomize is capable of doing, and what it does not do. I finally came into a situation where I needed to use the functionality of this awesome tool, so I decided to read this short O’Reilly book (or article given its length).Automating Workflows with GitHub Actions2022-10-13T00:00:00+00:002022-10-13T00:00:00+00:00/books/github/automating-workflows-with-github-actions<p>Given the mass scale of GitHub’s user base, when it comes to Continuous Integration and Continuous Delivery, theirs absolutely no doubt that <a href="https://docs.github.com/en/actions" target="_blank">GitHub Actions</a> is well on it’s way of becoming the most dominant platform (if it’s not already).</p>
<p>This is a fantastic book about this awesome CI/CD SaaS solution. Users from beginner, to medium and advance users should be able to gain a lot by reading it. Coming from an intermediate GitHub Actions knowledge level, as I’ve been using GitHub Actions on my daily job. The book starts from a foundational level, so even a developer with not much CI/CD experience should be able to easily grasp the core concepts. It then goes incrementally into more advance topics. For me, learning how to write custom actions from scratch was something mew that I learn from this book. One thing that I love about tech books, is the foundational/core concepts that provide. After reading this book, reading the official GitHub Actions documentation is much more easily to comprehend.</p>
<p>If you’re new to GitHub Actions, but familiar with other CI/CD systems (Jenkins being the big elephant in the room). This book does an excellent job teaching what in my opinion it’s an absolutely must have skill whether you’re a developer or a devops engineer, regardless of years of experience.</p>
<h3 id="rating-45">Rating: 4/5</h3>
<p>Workflows with GitHub Actions</p>
<p><a href="https://www.packtpub.com/product/automating-workflows-with-github-actions/9781800560406" target="_blank"><img src="/assets/books/automating-workflows-with-github-actions.png" /></a></p>
<ul>
<li>Chapter 1: Learning the Foundations for GitHub Actions</li>
<li>Chapter 2: Deep Diving into GitHub Actions</li>
<li>Chapter 3: A Closer Look at Workflows</li>
<li>Chapter 4: Working with Self-Hosted Runners</li>
<li>Chapter 5: Writing Your Own Actions</li>
<li>Chapter 6: Marketplace – Finding Existing Actions and Publishing Your Own</li>
<li>Chapter 7: Migrations</li>
<li>Chapter 8: Contributing to the Community and Finding Help</li>
<li>Chapter 9: The Future of GitHub Actions</li>
</ul>Alpha01Given the mass scale of GitHub’s user base, when it comes to Continuous Integration and Continuous Delivery, theirs absolutely no doubt that GitHub Actions is well on it’s way of becoming the most dominant platform (if it’s not already).Deep-Dive Terraform on Azure2022-08-30T00:00:00+00:002022-08-30T00:00:00+00:00/books/terraform/deep-dive-terraform<p>Deep-Dive Terraform on Azure: Automated Delivery and Deployment of Azure Solutions is a good book that will help you incorporate the power of Terraform into the Azure cloud. While it does cover some of Azure basics and of Terraform, this book is aimed towards cloud engineers already familiar with Azure, and some knowledge of infrastructure as code concepts. While I’m not new to Azure or Terraform, I definitely learned important concepts on how to properly implement Terraform in Azure.</p>
<p>The book covers core Terraform concepts like resources, data sources, providers, modules, versioning, and state management.
As well as more advance topics like security, testing, and CI/CD pipelines. It goes in depth into the best practices of implementing Terraform efficiently in Azure. One section I will definitely will come back to re-read, is the section on testing Terraform using <a href="https://terratest.gruntwork.io/" target="_blank">Terratest</a>, given that it requires having knowledge of Golang. (and the fact that I’ve had a long interest in learning Go, and now I have the perfect excuse to do so!)</p>
<p>My only negative on this book is on the CI/CD portion, it’s using Azure Pipelines as the CI/CD platform. It’s quite clear that the community has chosen GitHub Actions as the defacto CI/CD platform, and also the fact that it’s a Microsoft Product, I would’ve liked this chapter used GitHub Actions instead of Azure Pipelines. Thus said, it’s quite easy to follow along using GitHub Actions without much effort, and the principles can be applied regardless of the CI/CD platform.</p>
<h3 id="rating-35">Rating: 3/5</h3>
<p>Deep-Dive Terraform on Azure: Automated Delivery and Deployment of Azure Solutions</p>
<p><a href="https://link.springer.com/book/10.1007/978-1-4842-7328-9" target="_blank"><img src="/assets/books/deep-dive-terraform-on-azure.jpg" /></a></p>
<ul>
<li>Chapter 1: Infrastructure as Code</li>
<li>Chapter 2: Azure and Terraform</li>
<li>Chapter 3: Getting Started with Terraform</li>
<li>Chapter 4: Deep-Dive into Terraform</li>
<li>Chapter 5: Modules</li>
<li>Chapter 6: Writing Secure Scripts with Terraform</li>
<li>Chapter 7: CI/CD with Terraform</li>
<li>Chapter 8: Terraform Unit Testing</li>
<li>Chapter 9: Terraform Best Practices</li>
</ul>Alpha01Deep-Dive Terraform on Azure: Automated Delivery and Deployment of Azure Solutions is a good book that will help you incorporate the power of Terraform into the Azure cloud. While it does cover some of Azure basics and of Terraform, this book is aimed towards cloud engineers already familiar with Azure, and some knowledge of infrastructure as code concepts. While I’m not new to Azure or Terraform, I definitely learned important concepts on how to properly implement Terraform in Azure.Moved antoniobaltazar.com to GitHub Pages2022-08-06T00:00:00+00:002022-08-06T00:00:00+00:00/awesome-applications/github/portfolio-site-now-hosted-on-gh-pages<p>Since I recently shutdown one my Intel Nuc homelab servers due to space, in addition to going forward I’ll be using public clouds for any testing that requires additional extensive computing. I was forced to migrate off my portfolio from a Kubernetes platform. I’ve been in a GitHub Pages honeymoon, so this was my first choice to move the site too. Since the <a href="https://github.com/alpha01/antoniobaltazar.com" target="_blank">portfolio site</a> is a simple Node app, the containerized app was already a complete static site. The only dynamic aspect of the application is the custom Gulp automation that is used to compile the Sass assets.</p>
<p>The only changes I made to get the site to easily publish to Git Hub Pages was restructuring the site files under the <code class="language-plaintext highlighter-rouge">_site</code> directory. By default this is the directory that gets used by the <code class="language-plaintext highlighter-rouge">configure-pages</code>, <code class="language-plaintext highlighter-rouge">upload-pages-artifact</code>, and <code class="language-plaintext highlighter-rouge">deploy-pages</code> actions. GitHub has awesome documentation, using their examples I was able to quickly write a <a href="https://github.com/alpha01/antoniobaltazar.com/blob/master/.github/workflows/npm-gulp.yml" target="_blank">Workflow</a> to build the node site, and publish it to GitHub Pages. It was a very extremely easy process! The difficult process was all my fault.</p>
<p>A while back, I consolidated my <a href="https://www.antoniobaltazar.com/blog/" target="_blank">Blog</a>, <a href="https://www.antoniobaltazar.com/photos/" target="_blank">Photos</a>, and <a href="https://www.antoniobaltazar.com/collection/" target="_blank">Collection</a> Wordpress sites under the domain <code class="language-plaintext highlighter-rouge">antoniobaltazar.com</code>. This presented a problem because I can’t simply update DNS and point <code class="language-plaintext highlighter-rouge">antoniobaltazar.com</code> to GitHub Pages because it will break access to my other WordPress sites. I use <a href="https://www.cloudflare.com/" target="_blank">Cloudflare</a> free DNS hosting, so I have very limited access to their <a href="https://support.cloudflare.com/hc/en-us/articles/218411427" target="_blank">Rewrite Page Rules</a> features. So this meant that I would still need to keep <code class="language-plaintext highlighter-rouge">antoniobaltazar.com</code> DNS pointing to my current infrastructure, rather than having the complex redirects at the DNS level. Fortunately setting the redirects at the Varnish (http 80) and Nginx (https 443) app level was extremely easy.</p>
<h3 id="nginx">Nginx</h3>
<p>On the Nginx side of things, I didn’t had to change anything on my configuration. Nginx serves as an SSL termination proxy on my environment, so all incoming <code class="language-plaintext highlighter-rouge">antoniobaltazar.com</code> https requests are automatically forwarded to my http Varnish backend.</p>
<div class="language-perl highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">location</span> <span class="o">/</span> <span class="p">{</span>
<span class="nv">proxy_pass</span> <span class="nv">http:</span><span class="sr">//my-varnish-backend/;
### Set headers ####
proxy_set_header Accept-</span><span class="nv">Encoding</span> <span class="p">"";</span>
<span class="nv">proxy_set_header</span> <span class="nv">Host</span> <span class="nv">$host</span><span class="p">;</span>
<span class="nv">proxy_set_header</span> <span class="nv">X</span><span class="o">-</span><span class="nv">Real</span><span class="o">-</span><span class="nv">IP</span> <span class="nv">$remote_addr</span><span class="p">;</span>
<span class="nv">proxy_set_header</span> <span class="nv">X</span><span class="o">-</span><span class="nv">Forwarded</span><span class="o">-</span><span class="nv">For</span> <span class="nv">$proxy_add_x_forwarded_for</span><span class="p">;</span>
<span class="c1">### Most PHP, Python, Rails, Java App can use this header ###</span>
<span class="c1">#proxy_set_header X-Forwarded-Proto https;##</span>
<span class="c1">#This is better##</span>
<span class="nv">proxy_set_header</span> <span class="nv">X</span><span class="o">-</span><span class="nv">Forwarded</span><span class="o">-</span><span class="nv">Proto</span> <span class="nv">$scheme</span><span class="p">;</span>
<span class="nv">add_header</span> <span class="nv">Front</span><span class="o">-</span><span class="nv">End</span><span class="o">-</span><span class="nv">Https</span> <span class="nv">on</span><span class="p">;</span>
<span class="nv">add_header</span> <span class="nv">X</span><span class="o">-</span><span class="nv">Powered</span><span class="o">-</span><span class="nv">By</span> <span class="p">"</span><span class="s2">Unicorns</span><span class="p">";</span>
<span class="nv">add_header</span> <span class="nv">X</span><span class="o">-</span><span class="nv">hacker</span> <span class="p">"</span><span class="s2">Alpha01</span><span class="p">";</span>
<span class="nv">client_max_body_size</span> <span class="mi">10</span><span class="sr">m;
# These headers are only accessible internally
#more_clear_headers 'x-generator';</span>
<span class="c1">#more_clear_headers 'x-drupal-cache';</span>
<span class="c1"># We expect the downsteam servers to redirect to the right hostname, so don't do any rewrites here.</span>
<span class="nv">proxy_redirect</span> <span class="nv">off</span><span class="p">;</span>
<span class="p">}</span>
</code></pre></div></div>
<h3 id="varnish">Varnish</h3>
<p>Its in Varnish where all the magic happens. For the configuration I’m simply redirecting all <code class="language-plaintext highlighter-rouge">antoniobaltazar.com</code> requests that don’t belong to my WordPress sites, to the GitHub Pages location <code class="language-plaintext highlighter-rouge">https://alpha01.github.io/antoniobaltazar.com</code>.</p>
<div class="language-perl highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="k">sub </span><span class="nf">vcl_recv</span> <span class="p">{</span>
<span class="c1"># Portoflio is now hosted on GitHub Pages</span>
<span class="k">if</span> <span class="p">(</span><span class="nv">req</span><span class="o">.</span><span class="nv">http</span><span class="o">.</span><span class="nv">host</span> <span class="o">~</span> <span class="p">"</span><span class="s2">(?i)^(www.)?antoniobaltazar</span><span class="se">\</span><span class="s2">.(com|org)</span><span class="p">"</span> <span class="o">&&</span> <span class="p">(</span><span class="nv">req</span><span class="o">.</span><span class="nv">url</span> <span class="o">!~</span> <span class="p">"</span><span class="s2">/(blog|collection|photos)</span><span class="p">"))</span> <span class="p">{</span>
<span class="nv">set</span> <span class="nv">req</span><span class="o">.</span><span class="nv">http</span><span class="o">.</span><span class="nv">host</span> <span class="o">=</span> <span class="p">"</span><span class="s2">https://alpha01.github.io</span><span class="p">";</span>
<span class="k">return</span> <span class="p">(</span><span class="nv">synth</span><span class="p">(</span><span class="mi">750</span><span class="p">,</span> <span class="nv">req</span><span class="o">.</span><span class="nv">http</span><span class="o">.</span><span class="nv">host</span> <span class="o">+</span> <span class="p">"</span><span class="s2">/antoniobaltazar.com</span><span class="p">"</span> <span class="o">+</span> <span class="nv">req</span><span class="o">.</span><span class="nv">url</span><span class="p">));</span>
<span class="p">}</span>
<span class="p">}</span>
<span class="k">sub </span><span class="nf">vcl_backend_error</span> <span class="p">{</span>
<span class="c1"># Take care of custom redirects</span>
<span class="k">if</span> <span class="p">(</span><span class="nv">beresp</span><span class="o">.</span><span class="nv">status</span> <span class="o">==</span> <span class="mi">750</span><span class="p">)</span> <span class="p">{</span>
<span class="nv">set</span> <span class="nv">beresp</span><span class="o">.</span><span class="nv">http</span><span class="o">.</span><span class="nv">Location</span> <span class="o">=</span> <span class="nv">beresp</span><span class="o">.</span><span class="nv">reason</span><span class="p">;</span>
<span class="nv">set</span> <span class="nv">beresp</span><span class="o">.</span><span class="nv">status</span> <span class="o">=</span> <span class="mi">301</span><span class="p">;</span>
<span class="k">return</span><span class="p">(</span><span class="nv">deliver</span><span class="p">);</span>
<span class="p">}</span>
<span class="p">}</span>
</code></pre></div></div>
<p>Not a pretty solution, but it does the job.</p>Alpha01Since I recently shutdown one my Intel Nuc homelab servers due to space, in addition to going forward I’ll be using public clouds for any testing that requires additional extensive computing. I was forced to migrate off my portfolio from a Kubernetes platform. I’ve been in a GitHub Pages honeymoon, so this was my first choice to move the site too. Since the portfolio site is a simple Node app, the containerized app was already a complete static site. The only dynamic aspect of the application is the custom Gulp automation that is used to compile the Sass assets.Goodbye Drupal, Hello Jekyll2022-08-05T00:00:00+00:002022-08-05T00:00:00+00:00/awesome-applications/jekyll/goodbye-drupal-hello-jekyll<p>Ever since the <a href="https://www.drupal.org/psa-2022-02-23" target="_blank">Drupal Project had announced support for Drupal was going to drop on November 1, 2023.</a> I’ve been dreading the fact that I was going to be forced to upgrade to Drupal 9. This is mainly because I’m using some modules that I know are no longer being actively developed, and I’ve made some changes to my theme that I know for certain will not be compatible with the new version of Drupal.</p>
<p>I’ve looked into some static site generations like, <a href="harp.js" target="_blank">Harp</a> and <a href="https://surge.sh/" target="_blank">Surge</a> in the past, I but didn’t seemed to get a proper workflow with them to replace Drupal or WordPress for that matter. While I’m not new to the GitHub Pages world, I am new to it’s built-in integration with <a href="https://jekyllrb.com/" target="_blank">Jekyll.</a> Recently, I had to use this feature for a work project, and I must say the <a href="https://pages.github.com/" target="_blank">GitHub Pages built-in integration is Jekyll</a> awesome! Jekyll is a fantastic piece of software. The documentation is very comprehensible and easy to follow.</p>
<p>So I decided to migrate this site from Drupal 7 to Jekyll. The migration process was relatively painless. The Jekyll project has tons of exporters, including one for <a href="https://import.jekyllrb.com/docs/drupal7/" target="_blank">Drupal 7.</a> The only caveat (though expected) was that the exported posts were using the content type and taxonomies set for Drupal. In Jekyll these are differently, so after few global search and replace tasks, I was able to easily transform the exported data into useable valid Jekyll content. As far as the theming is concerned, I tried to follow a similar look and view as the previous Drupal 7 site. Overall, as a person with a decent (though at times limited since JavaScript is not my forté) web development skills, customizing Jekyll has been a straight forward process. I would even say it’s easier than Drupal development!</p>
<p>Perhaps the only drawback of the built-in integration with GitHub Pages and Jekyll is that you only have a set of <a href="https://docs.github.com/en/pages/setting-up-a-github-pages-site-with-jekyll/about-github-pages-and-jekyll#plugins" target="_blank">plugins</a> and <a href="https://pages.github.com/themes/" target="_blank">themes</a> to work with. This became evident when I was creating a custom pagination page, and GitHub Pages uses a older version of the pagination plugin that isn’t compatible with newer v2 version which most examples found in when Google searching! Thus said, nothing can prevent you from using GitHub Actions to build and publish a Jekyll (or anything static site generator) generated site regardless of plugins or themes.</p>
<p>This site is now hosted on GitHub Pages, instead of on my homelab infrastructure.</p>Alpha01Ever since the Drupal Project had announced support for Drupal was going to drop on November 1, 2023. I’ve been dreading the fact that I was going to be forced to upgrade to Drupal 9. This is mainly because I’m using some modules that I know are no longer being actively developed, and I’ve made some changes to my theme that I know for certain will not be compatible with the new version of Drupal.Goodbye CentOS 8, Hello Rocky Linux2022-02-09T00:00:00+00:002022-02-09T00:00:00+00:00/linux/centos/goodbye-centos-8-hello-rocky-linux<p>I’m over two months late, to the deadline as support for CentOS 8 stopped on December 31, 2021 and now the project is focusing on the CentOS 8 Stream rolling update distro.</p>
<p>Instead of converting my CentOS 8 to Stream, I opted to the popular approach of just dumping CentOS in favor of Rocky Linux. The migrating process itself was super easy. My original CentOS 8 system was NOT running the latest version of CentOS prior to its End-Of-Life.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="o">[</span>root@mail ~]# <span class="nb">cat</span> /etc/centos-release
CentOS Linux release 8.4.2105
<span class="o">[</span>root@mail ~]# <span class="nb">sudo </span>dnf update
CentOS Linux 8 - AppStream 219 B/s | 38 B 00:00
Error: Failed to download metadata <span class="k">for </span>repo <span class="s1">'appstream'</span>: Cannot prepare internal mirrorlist: No URLs <span class="k">in </span>mirrorlist
</code></pre></div></div>
<p>Instead of opting to <a href="https://github.com/rocky-linux/rocky-tools/tree/main/migrate2rocky#el80-migrations" target="_blank">update the repos to point the CentOS archive vault repositories</a>. I wanted to just try the migration from my 8.4.2105 running version. After all this particular system is just a Postfix mailserver, and if it botched completely, I’m easily able to recreate the mail server using my Ansible automation.</p>
<p>The update process is just a matter of running the <a href="https://github.com/rocky-linux/rocky-tools/blob/main/migrate2rocky/migrate2rocky.sh" target="_blank">migrate2rocky.sh migration shell script.</a></p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="o">[</span>root@mail migrate2rocky]# ./migrate2rocky.sh <span class="nt">-r</span>
migrate2rocky - Begin logging at Tue 08 Feb 2022 04:20:57 PM PST.
Removing dnf cache
Preparing to migrate CentOS Linux 8 to Rocky Linux 8.
<span class="o">[</span>...]
Done, please reboot your system.
A log of this installation can be found at /var/log/migrate2rocky.log
</code></pre></div></div>
<p>After a few minutes where it applied the changes and them some package updates, the migration script ending without any errors. After rebooting the system, I was able to ssh in normally, verify that the system was in a working state, and verify Postfix still working. The migration worked!</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="o">[</span>root@mail ~]# <span class="nb">cat</span> /etc/redhat-release
Rocky Linux release 8.5 <span class="o">(</span>Green Obsidian<span class="o">)</span>
<span class="o">[</span>root@mail ~]# <span class="nb">cat</span> /etc/rocky-release
Rocky Linux release 8.5 <span class="o">(</span>Green Obsidian<span class="o">)</span>
<span class="o">[</span>root@mail ~]# <span class="nb">cat</span> /etc/rocky-release-upstream
Derived from Red Hat Enterprise Linux 8.5
</code></pre></div></div>
<p>I even used Ansible to see what version it was reading after the migration:</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="o">[</span>root@ansible ~]# ansible mail <span class="nt">-m</span> setup <span class="nt">-a</span> <span class="s1">'filter=ansible_distribution'</span>
mail.rubyninja.org | SUCCESS <span class="o">=></span> <span class="o">{</span>
<span class="s2">"ansible_facts"</span>: <span class="o">{</span>
<span class="s2">"ansible_distribution"</span>: <span class="s2">"Rocky"</span>,
<span class="s2">"discovered_interpreter_python"</span>: <span class="s2">"/usr/libexec/platform-python"</span>
<span class="o">}</span>,
<span class="s2">"changed"</span>: <span class="nb">false</span>
<span class="o">}</span>
<span class="o">[</span>root@ansible ~]# ansible mail <span class="nt">-m</span> setup <span class="nt">-a</span> <span class="s1">'filter=ansible_distribution_version'</span>
mail.rubyninja.org | SUCCESS <span class="o">=></span> <span class="o">{</span>
<span class="s2">"ansible_facts"</span>: <span class="o">{</span>
<span class="s2">"ansible_distribution_version"</span>: <span class="s2">"8.5"</span>,
<span class="s2">"discovered_interpreter_python"</span>: <span class="s2">"/usr/libexec/platform-python"</span>
<span class="o">}</span>,
<span class="s2">"changed"</span>: <span class="nb">false</span>
<span class="o">}</span>
</code></pre></div></div>
<p>The beauty of binary compatible Linux distributions is that although updates are from new repackaged packages, when applied they work flawlessly.</p>
<p>Ironically, over a decade ago I had to do similar migration from <a href="https://www.whiteboxlinux.org/" target="_blank">White Box Enterprise Linux</a> to CentOS 3. At the time, I simply had to update the repo URLs, refresh yum, and pull down the latest updates from the CentOS 3 repos. All of which worked beautifully.</p>
<h3 id="resources">Resources</h3>
<ul>
<li><a href="https://github.com/rocky-linux/rocky-tools/tree/main/migrate2rocky" target="_blank">https://github.com/rocky-linux/rocky-tools/tree/main/migrate2rocky</a></li>
<li><a href="https://www.cyberciti.biz/howto/migrate-from-centos-8-to-rocky-linux-conversion/" target="_blank">https://www.cyberciti.biz/howto/migrate-from-centos-8-to-rocky-linux-conversion</a></li>
</ul>Alpha01I’m over two months late, to the deadline as support for CentOS 8 stopped on December 31, 2021 and now the project is focusing on the CentOS 8 Stream rolling update distro.Effective DevOps2022-01-05T00:00:00+00:002022-01-05T00:00:00+00:00/books/devops/effective-devops<p>The last time I was fooled by a title was when I read the book <a href="https://www.rubysecurity.org/books/docker/pro-docker" target="_blank">Pro Docker</a> by Apress. Now O’Reilly Media joins that coveted list with their book Effective DevOps: Building a Culture of Collaboration, Affinity, and Tooling at Scale. This book should be titled, “Effective Management in a diverse work environment”. This book is aimed for managers rather than the regular day-to-day engineers. While normally, I would consider this to be a very important topic, however some of the approaches that the authors show cased their concepts was to me somewhat of a let down. Unlike the steaming pile of shit that was <a href="https://www.rubysecurity.org/books/docker/pro-docker" target="_blank">Pro Docker</a>, this book does have some good content. Like describing some of the patterns that lead to good team collaboration, and overall excellent examples of accomplishing good leadership.</p>
<p>My major problem with this book. Is the forced diversity, as solution for an effective team. Alluding if being part of the same certain ethnic group, race, or sex causes the same thoughts of ideas in the workplace, therefore diversity is needed. The major problem with this train of thought is that itself is very judgemental to begin with! This ideology definitely manifests in the authors writing.</p>
<p>Lastly, perhaps maybe because I wasn’t the target audience for this book, but I felt this book dragged a lot. The authors are clearly very knowledgeable in this topic, however while this book does have some excellent content, at certain times it felt to me that there was way too much filler content, to an otherwise good examples.</p>
<h3 id="rating-25">Rating: 2/5</h3>
<p>Effective DevOps: Building a Culture of Collaboration, Affinity, and Tooling at Scale</p>
<p><a href="https://www.oreilly.com/library/view/effective-devops/9781491926291" target="_blank"><img src="/assets/books/effective-devops.jpg" /></a></p>
<ul>
<li>Chapter 1: The Big Picture</li>
<li>Chapter 2: What is DevOps</li>
<li>Chapter 3: A History of DevOps</li>
<li>Chapter 4: Foundational Terminology</li>
<li>Chapter 5: DevOps Misconceptions and Anti-Patters</li>
<li>Chapter 6: The Four Pillars of Effective DevOps</li>
<li>Chapter 7: Collaboration: Individuals Working Together</li>
<li>Chapter 8: Collaboration Misconceptions</li>
<li>Chapter 9: Affinity: From Individuals to Teams</li>
<li>Chapter 10: Affinity: Misconceptions and Troubleshooting</li>
<li>Chapter 11: Tools: Ecosystem Overview</li>
<li>Chapter 12: Tools: Accelerators of Culture</li>
<li>Chapter 13: Tools: Misconceptions and Troubleshooting</li>
<li>Chapter 14: Scaling: Inflicting Points</li>
<li>Chapter 15: Scaling: Misconceptions and Troubleshooting</li>
<li>Chapter 16: Building Bridges with the Four Pillars of Effective DevOps</li>
<li>Chapter 17: Bridging DevOps Cultures: Learning from Our Stories</li>
<li>Chapter 18: Bridging DevOps Cultures: Fostering Human Connections</li>
<li>Chapter 19: Conclusion</li>
</ul>Alpha01The last time I was fooled by a title was when I read the book Pro Docker by Apress. Now O’Reilly Media joins that coveted list with their book Effective DevOps: Building a Culture of Collaboration, Affinity, and Tooling at Scale. This book should be titled, “Effective Management in a diverse work environment”. This book is aimed for managers rather than the regular day-to-day engineers. While normally, I would consider this to be a very important topic, however some of the approaches that the authors show cased their concepts was to me somewhat of a let down. Unlike the steaming pile of shit that was Pro Docker, this book does have some good content. Like describing some of the patterns that lead to good team collaboration, and overall excellent examples of accomplishing good leadership.#100DaysOfCode Go2022-01-01T00:00:00+00:002022-01-01T00:00:00+00:00/programming/go/100daysofcode-go<p>It’s been well over 10 years since I’ve learned a new programming language. While I’ve flirted with JavaScript to a certain point, I never truly did made an effort to learn it, given how horrifying that language is (there I said it). My programming journey began with simply Bash shell scripting, and Ruby in college. I won’t include Microsoft VisualBasic which I had a couple of courses in, because quite frankly I don’t remember much of it. As I got my second job as a Linux sysadmin in early 2008, that shifted towards me needing to learn PHP, and Perl; so I did. Then around that same time, seeing the popularity of Python, I’ve also decided to learn Python. So throughout all my tech career, I’ve extensively used Bash, Ruby, PHP, Perl, and Python in one way or another. So much, that I’m definitely comfortable using any of them, varying the problem I want to solve, hence I’ve have included them in my <a href="https://www.antoniobaltazar.com/#skills" target="_blank">resumé.</a></p>
<p>Now in January 1, 2022, as stated in my <a href="https://www.antoniobaltazar.com/blog/2022/01/01/2022-new-years-resolution/" target="_blank">New Year’s Resolution</a>, I’ve made it an actual goal to learn Go in depth. It’s quite amazing to see how the tech industry has really embraced Go, as one of the defacto languages. My background is mostly all Linux DevOps, and the past two years I’ve been working extensively with Kubernetes. So being involved in the Kubernetes world, I feel somewhat constraint by the fact that I’m not well knowledge in the Go programming language. That’s why I want to learn this new powerful programming language.</p>
<p>I love the idea of the <a href="https://www.100daysofcode.com/" target="_blank">#100DaysOfCode challenge</a>, as well as its community aspect. So I’ve decided that for the next 100 days, I’ll be learning Go. I’m going to be using <a href="https://twitter.com/alpha01" target="_blank">Twitter</a> for daily assertions, as well a weekly post on this blog to keep myself accountable. All of my code will be on <a href="https://github.com/alpha01/100DaysOfCode-Go" target="_blank">https://github.com/alpha01/100DaysOfCode-Go</a>. I already have plans for some practical projects, such as writing a custom Kubernetes controller for a CRD using <a href="https://github.com/kubernetes/sample-controller" target="_blank">https://github.com/kubernetes/sample-controller.</a></p>
<p>For the study material, I’ll reading the book <a href="https://www.amazon.com/Programming-Language-Addison-Wesley-Professional-Computing/dp/0134190440" target="blank">Go Programming Language</a> and using the Udemy courses <a href="https://www.udemy.com/course/learn-how-to-code/" target="_blank">Learn How To Code: Google’s Go (golang) Programming Language</a> and <a href="https://www.udemy.com/course/go-the-complete-developers-guide/" target="_blank">Go: The Complete Developer’s Guide (Golang).</a></p>
<p>Happy New Year, and happy Go hacking!</p>Alpha01It’s been well over 10 years since I’ve learned a new programming language. While I’ve flirted with JavaScript to a certain point, I never truly did made an effort to learn it, given how horrifying that language is (there I said it). My programming journey began with simply Bash shell scripting, and Ruby in college. I won’t include Microsoft VisualBasic which I had a couple of courses in, because quite frankly I don’t remember much of it. As I got my second job as a Linux sysadmin in early 2008, that shifted towards me needing to learn PHP, and Perl; so I did. Then around that same time, seeing the popularity of Python, I’ve also decided to learn Python. So throughout all my tech career, I’ve extensively used Bash, Ruby, PHP, Perl, and Python in one way or another. So much, that I’m definitely comfortable using any of them, varying the problem I want to solve, hence I’ve have included them in my resumé. Now in January 1, 2022, as stated in my New Year’s Resolution, I’ve made it an actual goal to learn Go in depth. It’s quite amazing to see how the tech industry has really embraced Go, as one of the defacto languages. My background is mostly all Linux DevOps, and the past two years I’ve been working extensively with Kubernetes. So being involved in the Kubernetes world, I feel somewhat constraint by the fact that I’m not well knowledge in the Go programming language. That’s why I want to learn this new powerful programming language. I love the idea of the #100DaysOfCode challenge, as well as its community aspect. So I’ve decided that for the next 100 days, I’ll be learning Go. I’m going to be using Twitter for daily assertions, as well a weekly post on this blog to keep myself accountable. All of my code will be on https://github.com/alpha01/100DaysOfCode-Go. I already have plans for some practical projects, such as writing a custom Kubernetes controller for a CRD using https://github.com/kubernetes/sample-controller. For the study material, I’ll reading the book Go Programming Language and using the Udemy courses Learn How To Code: Google’s Go (golang) Programming Language and Go: The Complete Developer’s Guide (Golang). Happy New Year, and happy Go hacking!