Archive for the ‘Technology’ Category

Dragged by the roots

This one had me scratching my head for a while today. A client and an ex-client both contacted me with strange HTTP connectivity issues, which manifest as errors occurring on one server while the exact same code is working elsewhere. The logs revealed that a HTTPS connection was being rejected because the connection to the external site could not be validated. The problem was that the root certificates were out of date, and the external site was using Let’s Encrypt SSL certificates, which as of this month (October 2021) has a new compatibility restriction meaning their certs can only be validated by a client if the client trusts the ISRG Root X1 certificate. That restriction prevents functionality on iPhones running [click title to read more…]

Bare bones bleeding edge cluster

Tomcat(xN)+Kubernetes+Docker+Rocky

Audience: SysAdmin, DevOps, Un*x coders

Sometimes, just for exercise, I go nuts. This time I figured my exercise would be to create a Hello World micro-services demo by building a bare bones cluster on the bleeding edge Rocky 8.4 operating system. I say “bleeding edge” but in fact I would just be using recent stable versions of several technologies, rather than the actual bleeding edges.

You can read about my chosen technologies elsewhere, along with all manner of explanations, charts, diagrams and occasionally some sample configurations or lines of code. For this document I stick to command lines and raw configurations, with the aim of providing something that you can copy/paste verbatim and achieve the same result. If you [click title to read more…]

Glitch

The other day I noticed my laptop’s CPU widget was showing near 100% usage, but Task Manager was showing only 3%, and applications were crawling. I did the usual incantations to no avail. Safe Mode with everything off seemed OK, and a solid two days of virus scanning revealed nothing (as I would hope, given the safeguards in place). Driver updates led me eventually to a BIOS update. No change. SysInternals revealed nothing. Then Windows decided it was time to do its own updates. More delay.

Everything was running slow, including networking, which seemed to be a problem even when in Safe Mode. Connecting a second laptop into the gigabit switch revealed the same network bottleneck. “Aha!”, I thought, “the [click title to read more…]

Eggs and baskets

About a week ago a large chunk of the Web vanished for a few hours as Fastly experienced a major outage in their Web cache service. Popular sites like Reddit, the BBC, Amazon and much of the UK government online services suddenly presented blank pages. There was much finger-pointing for days afterwards, then Cloudflare goes down last Friday (more fingers pointing) and today with many of those fingers finally holstered we suddenly find ourselves in the middle of an Akamai outage. Fingers out and reloading!

The thing about these services is that they are mainly caches: intermediary services that optimise the delivery of content from the origin sites. Unfortunately, when they go down, the origin sites do not just go [click title to read more…]

Domain control

I won’t give the perpetrators the benefit of a mention or link, but it is really troubling when those responsible for a top level DNS domain don’t adhere to their own rules by allowing unethical use of a domain name during the current global crisis. A phrase strongly associated with public health is undoubtedly going to encourage people to enter into their browser’s address bar a site name based on that phrase. Sadly, these unsuspecting people will then be presented with the latest conspiracy theories, anti-vaccination tripe and bizarre political agendas.

During the current worldwide calamity it is not only the search engines and social media companies that need to keep a close eye on their services. All of the [click title to read more…]