fiddyspence's blog

Hot Shell

I listen to a lot of music when I computer, which quite often means that I don’t hear it when the fans spin up because the shiny aluminium dumb terminal is having a cow because e.g. Spotify helper has gone into a tailspin. Because I spend most of my time in a terminal I thought it would be fun if my shell prompt told me when the thing got too hot. I realised subsequently that OS X has a built in say command, and made it shout that the thing was loud too, just in case red font wasn’t adequate.

Here. Have some bash and some ruby:

This goes into ~/bash_profile

trap 'for i in $(jobs -p); do kill $i; done' EXIT
export OURPORT=$(($RANDOM + 1025))
ruby ~/bin/cpucheck.rb 2> /dev/null &
cputemp ()
    echo $(curl --noproxy '*' -s$OURPORT/)
PS1='\e[31m$([[ $(cputemp) -gt 70 ]] && echo "WARNING: HOT CPU:" && say hot cpu)\e[0m\h:\W \u\$ '

I have a ~/bin directory - this into ~/bin/cpucheck.rb (oh - and install the iStats gem)

require 'sinatra/base'
require 'iStats'
require 'iStats/cpu'
include ::IStats
class CpuServer < Sinatra::Base
  set :port, ENV['OURPORT']
  set :logging, false
  set :traps  , false
  set :server, %w[webrick]
  get '/' do
  run! if app_file == $0

And then when the thing starts to take off:

WARNING: HOT CPU:spenceware:~ fids$


If you’re reading this, you’re at least half interested in community based monitoring of airport noise. The end result of this should be noise heatmaps around (initially) Heathrow that provide time based indication of peak/average noise around the airport. As an aside, there might be some useful data produced and there might also be some reusable software that can be iterated on for residents around other airports.

Influxdb Over SSL

I’ve been messing with monitoring a bit recently, and have a project on simmer that, in principle at least, is going to use influxdb for data storage. The project needs to collect data from public sources, so I wanted some decent protection for the process (with better control over the TLS etc). More detail to follow, but the initial steps are these:

On Resigning

So - you resign from $job. Congratulations, it’s a big step. You’re probably, like most people, suffering from mild organisational Stockholm Syndrome and feel a bit angsty about leaving. What if it’s a mistake. What if I don’t like it. What if what if what if.

At this point, chill. It’s probably just a job, and there are plenty more. You’re decided to move on because you hate it/it’s time to move/time for a change/money etc.

But what if $job turn around and say - no - wait - we want to counter offer before we accept your resignation.

My thinking on this is simple. If you’re leaving because of being underpaid, or a lack of recognition or you hate it, don’t rescind. Move on.

If you are worth more to them than you’re being paid, and you’ve already pointed this out before (which of course you have) and without the threat of you leaving they just sat on their hands shaking their heads they didn’t pony anything up, fuck ‘em.

Culturally, fuck ‘em.

If you complained about any of the reasons for that ultimately made you want to leave and nothing happened while you were there, and on the materialisation of you leaving all of a sudden it’s all “Please don’t go - we love you really and won’t beat you again, and here are some chocolates”, that’s an abusive relationship.

Move on. There are plenty more jobs, opportunities and happiness to be found.

You resigned, you’ve checked out - don’t do yourself the harm of thinking they’ll change. They never do.

No Moar Apache

So, I’ve been contemplating an upgrade to puppetserver, and the thought occurred to me that now we’re not in a magical land of Passenger any more, why on earth should I need either Apache or nginx any more - so I had a crack at getting haproxy to do the SSL termination for me, because lightweight and why not.

New Adventures With Beaker

So - I started having a bit of a hack with Beaker this week and found out some things.

First - openstack support is evolving, so I had to do some fixing to enable multi-region node creation - currently here: https://github.com/puppetlabs/beaker/pull/681

Secondly, installing extra modules doesn’t respect anything like the .fixtures.yml of rspec-puppet, and we don’t allow unrestricted exit to the interwebs from our internal nets, so welcome to a game of:

# Configure all nodes in nodeset
c.before :suite do
  hosts.each do |host|
    target_module_dir = on( host, "echo #{host['distmoduledir']}" ).stdout.chomp
    install_from_git(host, target_module_dir, { :name => 'stdlib', :path => 'http://somegit/stdlib.git', :rev => '4.3.2' })
    install_from_git(host, target_module_dir, { :name => 'apache', :path => 'http://somegit/apache.git', :rev => 'master' })

If you’re wondering what you can do, GEMDIR/beaker-/lib/beaker/dsl/helpers.rb is the place to look

Running a lot of stuff remotely has been necessary here - setting up yum repos etc for example

on(host, 'curl -o /etc/yum.repos.d/thing.repo http://webserver/thing.repo')

Oh - nodefiles and options - this is where beaker options go:

      - master
    hypervisor : openstack
    flavor: small
    image: OL-6.5.1-latest
    user: cloud
  :openstack_keyname: me
  :openstack_api_key: password
  :openstack_username: openstackusername
  :openstack_auth_url: http://identity:5000/v2.0/tokens
  :openstack_tenant: I Like Cows
  :openstack_network: public
  :openstack_region: emeraldcity
  :trace_limit: 500
  type: foss

I spent a lot of time working out how to expand the trace_limit - turns out it’s here!!

More notes when I can be bothered


I’m going to be running the Windsor half marathon in 2 days, and I don’t want you to sponsor me.

Passenger High Performance You Bastard

I recently learned a bit of a gotcha with PassengerHighPerformance if you’re thinking of running load balanced Puppet masters behind an Apache balancer. If you’re not thinking of doing this, then you should turn of your TV set now and save yourself the time and effort of reading on.

How I Learned to Love My ENC

Facts in Puppet, depending on your point of view, are merely a thing, the absolute best thing, or why god why facts why. For some applications the latter is very much the case, take for example a hiera hierarchy.

This is a post that considers security of various approaches to designing Puppet code. We know already that facts are mere assertions, that are potentially subject to being overridden in various ways (FACTER_hostname=notthethingyoufirstthoughtof puppet agent -t).