Bloom Filter Lightning Talk
A Lightning talk I gave to Dunedin Code Craft in November 2024
Posts
3d Print and Paint Ocarina
A fun modern craft and music project
Profiling PostGIS with PLProfiler
PLProfiler is a great tool for profiling PL/PGSQL functions, but you need an extra trick for PostGIS native functions.
Ergodox EZ vs Kinesis Advantage
I’ve been a delighted Kinesis Advantage user for over 10 years. I purchased the Ergodox EZ as a second keyboard for hybrid work. Now its time to replace my Kinesis. Let’s compare!
Using Common Expression Language (CEL) in... a Metrics Exporter for LDAP
Use the Common Expression Language (CEL) to allow user-friendly flexible policy rules. Show this with YAML to group/filter data to expose as metrics.
Reimplementation of Learning :: a Python to Go Retrospective
PoC coding and reimplementation of Python and Go for metrics and log parsing using an example of 389 Directory Service.
Syft your Linux Fleet Looking for Shellshock, Log4J.... and Oracle Java?
I explore using Syft and Grype, demonstrate use of jq and Go’s text templates, and explore using Syft against a server rather than a container.
Managing the Performance of Grafana/Prometheus Dashboards using Nginx & Lua
Regain visibility into the performance of Open Source Grafana and Prometheus so you know which dashboards and visualisations are slowing down your Prometheus service.
Map Git Dependencies using n-grams in Python
Where in Git would I go to edit the code that deploys a set of resources identified by audit findings?
Amazon EFS Top-Talkers
Use Amazon’s VPC flow logs (similar to NetFlow) to identify NFS clients and servers and enrich that IP-level information with useful names so you can recognise EC2 instances, EFS endpoints etc.
Job Hunting for Senior IT Roles
Some observations from successful job hunting for those wanting a remote role or to pivot in the industry. Meant for more senior roles, where the funnel should be smaller.
Deploying with Ansible when Outgoing Access to Internet is Unavailable (BYO proxy)
Network gynmastics using SSH and a local proxy for servers that don’t have internet access but still need to ‘yum update’ etc.
Limiting Access via Squid to Docker Containers
I wanted to grant just the access needed for different Docker containers through Squid. I used Squid’s ability to use Ident as a way to look up a ‘user’ for a connection, and made a custom identd server to provide this information.
Capturing and Replaying Connection-less Protocols (eg. IPFIX into Logstash)
Capture real-world network traffic so you can replay it later / elsewhere for development and testing. An example is given using IPFIX (AppFlow), but directly relevant to UDP Syslog too.
Point a single process to /dev/urandom instead of /dev/random
Giving a single process (tree) a different view of the filesystem without modifying the process; and showing how to do this manually and via Ansible.
Memcached logging (and others) under Systemd on RHEL7
How to cleanly gather logs for memcached.
The importance of being liberal in a Cisco environment
Network incompatibilities do happen and sometimes you need to be a little more forgiving in order to let the traffic flow. An example of where some Cisco behaviour was running foul of Linux.
Use IPTables NOTRACK to implement stateless rules and reduce packet loss
Disabling IPTables connection tracking for DNS can resolve problems due to too many connections in the connection table.
Use Getent Hosts in Scripts
It is common practice to use tools like ‘dig’ to lookup DNS results, but this has very bad performance. If you just need to lookup a name or address, there’s an easier, friendly way.
Dont Let Java on Linux Determine Its Own Timezone
Your timezone says Pacific/Auckland but Java reports Antarctica/SouthPole; what gives?