Posts

At $job, we use an SSH bastion host to connect to our cloud environment. This made using Test Kitchen a bit annoying. My previous way of getting Test Kitchen to work involved putting a ProxyCommand into my ~/.ssh/config, which worked, sometimes, but was still annoying. Eventually I stumbled into a completely undocumented function of test kitchen which solves this exact problem. ssh_gateway Turns out that kitchen has support for SSH bastion hosts built in, it’s just not documented anywhere. Here’s what you need in your .kitchen.yml: ...

I recently started a new job at a startup. It’s a remote job at a company I had never previously heard of, and I found the job listing through Hacker News. If you already read Hacker News, you already know that it’s a great resource for startups, nerds, nerds at startups, and more. There’s a monthly jobs thread where tons of startups will post jobs, usually seeking software engineers, big data experts, and DevOps cloud nerds like myself. Some of the jobs have a requirement of physically coming to an office, but many of the jobs are remote. Here is a link to this month’s jobs thread (June 2018). ...

Logical AND Operator Sometimes you might need a logical ‘AND’ operator in Terraform. I recently had a module where I had a variable for create_dns, which was either true or false, and I had another variable for create_tableau, which was also either true or false. I only want to create some resources if BOTH of those variables are true, which is a logical ‘AND’ operator. count = "${max(var.create_dns + var.create_tableau - 1, 0)}" ...

When I hear about a command line application that I might want to use, often times the first step in installing the application starts with pip install or gem install. This would install the application and all of its dependencies, but it would also possibly interfere with some other application and its own dependencies. Just use virtualenv or rbenv The solution to the above dependency clashes is usually “just use a virtualenv”. Which works, but only in a certain directory, and only if you remember to source ./bin/activate and so on. Maybe if I knew a bunch more about virtualenv and rbenv (or whatever folks use in the Ruby world, which I feel like changes from time to time), I’d know of a better solution to this problem. If you know of one, feel free to leave a comment. ...

AwardFinder is a cool Chrome extension which can search for airline award availability and help you book free flights with your airline miles. I recently used this extension to book a business class award to South America, but I haven’t found a lot written about it yet. So this post can walk you through what it is and how to use it. Install AwardFinder First things first, install AwardFinder from the Chrome app store. ...

Creating Terraform security group rules for TCP and UDP is pretty straightforward, you just list the ports you want and you’re good. from_port = 443 to_port = 443 protocol = "tcp" Creating ICMP rules is way less straightforward### Suppose I want a rule to allow ping. What port does ping operate on? It doesn’t have one. So then you Google around a bunch and hopefully wind up here, because here’s how you allow ping: ...

I passed the Google Cloud Platform Professional Cloud Architect certification without ever using Google Cloud or even logging in to the console. I have a bunch of AWS cloud experience (both in the real world and experience with AWS exams), so I’m pretty confident on general principles of cloud computing, but it still feels weird to take and pass a certification without ever using the specific subject matter in the exam. ...

I use a Linux VM to run Deluge and handle my torrents. ShowRSS generates RSS feeds of content I want to download, and FlexGet feeds those downloads into Deluge. The VM runs Ubuntu server and I interact with it using the Deluge web interface. It’s pretty well automated and does what I want it to do. But what about security and privacy? In order to protect my privacy from my ISP and others, I use a VPN. As mentioned above, I’m running Deluge on a small headless VM. The VM is dedicated to the task of running Deluge, it doesn’t serve any other purpose. ...

As a person whose day to day work involves a lot of code, that means I’m also a person who uses version control (git) for pretty much any project. So I keep my resume under version control so I can track changes. When you Google something about keeping a resume in version control, using LaTeX comes up over and over again. Using LaTeX involves learning a markdown languange which generates your resume for you. It’s basically resume-as-code, which means it’s pretty complex for anyone who doesn’t already know LaTex (which I do not). I just want to keep my resume in a git repo, I don’t want to learn a whole new markdown languange just so I can track a few resume changes per year. ...

I recently found a cool way of mocking out subnets when doing network design: Google Sheets. This lets you sketch out subnets quickly and without doing a lot of math. The math is automated, so it updates dynamically and it’s harder to manually screw things up. Change your VPC allocation? Your subnets can automatically update themselves. Setting up Google Sheets First, open this google sheet, which has a bunch of subnetting related scripts that aren’t part of Google Sheets by default. I didn’t write the scripts in this sheet, I just found them to be useful. Use File -> Make a Copy to save a copy in your own Google account. The functions which we’ll use only work when you copy the Sheet to your own account. ...