A Practical Introduction to Container Terminology

A Practical Introduction to Container Terminology” is at the same time two things for me:

  1. The longest blog post that I’ve seen in a long time, if not ever.
  2. The best introductory tutorial into containers.

Strongly recommended.

Nginx 1.13.9 and HTTP/2 Server Push

Here are some very exciting news from the Nginx front lines: HTTP/2 Server Push is now available in the latest and greatest Nginx 1.13.9, which was released yesterday!

Server Push was one of the most exciting features for me in all of the HTTP/2 specification.  But I wasn’t quite sure how it will be implemented, and, most importantly, how it can be made easily available to the web developers, who are often few levels removed from the web server configuration.  I think Nginx solves the problem quite elegantly.

On the configuration level, “location” directives are often available to the web developers withing the virtual host / server.  But for those who can’t use those or don’t want to mess around with the configuration files, an even easier option is available – Link HTTP header.

I’m sure this will soon be widely supported in all the major libraries and frameworks, much like HTTP cookies are.   Great times ahead!

Red Hat to Acquire CoreOS

Red Hat issued a press release announcing that it has signed a definitive agreement to acquire CoreOS Inc.

RALEIGH, N.C. —  — Red Hat, Inc. (NYSE: RHT), the world’s leading provider of open source solutions, today announced that it has signed a definitive agreement to acquire CoreOS, Inc., an innovator and leader in Kubernetes and container-native solutions, for a purchase price of $250 million, subject to certain adjustments at closing that are not expected to be material. Red Hat’s acquisition of CoreOS will further its vision of enabling customers to build any application and deploy them in any environment with the flexibility afforded by open source. By combining CoreOS’s complementary capabilities with Red Hat’s already broad Kubernetes and container-based portfolio, including Red Hat OpenShift, Red Hat aims to further accelerate adoption and development of the industry’s leading hybrid cloud platform for modern application workloads.
I find it to be very significant.  Have a look at other Red Hat acquisitions, especially lately, as well as their other programs and projects.

Getting the best performance out of Amazon EFS

Jeff Geerling shares his tips for “Getting the best performance out of Amazon EFS”.  Given how (still) new the Amazon EFS is and how limited is the documentation of the best practices, this stuff is golden.

tl;dr: EFS is NFS. Networked file systems have inherent tradeoffs over local filesystem access—EFS doesn’t change that. Don’t expect the moon, benchmark and monitor it, and you’ll do fine.

Nginx Performance Tuning – Tips & Tricks

Here are a whole lot of “Performance Tuning – Tips & Tricks” directly from the Nginx team.  I’m sure you’ve seen bits and pieces of these all over the place, but it’s nice to have them all together and from the credible source as well.

PHP-FPM tuning: Using ‘pm static’ for Max Performance

PHP-FPM tuning: Using ‘pm static’ for Max Performance” looks at different process management settings in PHP-FPM: static, dynamic, and ondemand, and the way they affect performance.  The default – ondemand – might work well for you if you have a large server with plenty of resources and not so many actual visitors.  Running on a smaller instance, or expecting high spikes of traffic might require you to look into your PHP-FPM configuration and adjust it.  The article is just what the doctor ordered.

Personally, I prefer having a dedicated instance for the web server, but that instance being as small as possible.  With that, figuring out the correct settings for static process management is easier.  It also minimizes all those nasty cases of running out of memory, swapping, and having an excessive CPU utilization.   Which is especially useful when running on Amazon AWS instances.

SSH vs OpenVPN for Tunneling

I have never particularly liked Virtual Private Networking (VPN).  From the old days, when there were a gadzillion of proprietary implementations, each being super slow, resource hungry, and requiring a mess of versions specific requirements, like Java and Firefox.  Secure Shell (SSH) has always been my choice for remote connections and tunneling.

Today I came across this article, which also shows that SSH tunnels are much faster than OpenVPN (if one has to use VPN, OpenVPN is probably the best choice around).  Needless to say they are also much easier to setup, both manually and automatically.

This adds yet another argument to my SSH vs VPN toolbox.

hack {cyprus} summit 2017

Last week I’ve attended the first ever hack {cyprus } summit.  hack {cyprus} is well known among techies in Cyprus for organizing other events, mostly hackatons.  They are good at that.  And this time it was something new.

The event itself was excellent!  It had all the usual things you’d expect from such a gathering – a bunch of bearded guys in dark t-shirts and jeans (each one secretly wishing that there were more women in tech), gadgets, coffee, snacks, and so on and so on.  And there were talks and workshops with lots of chatter in between.

Being a big fan and a frequent attendee of technical conferences all over Europe, I knew there was no chance I’d miss this one in Cyprus.  Even if I have to drive from Limassol to Nicosia.  In fact, I decided I’ll get even more value of it – practice my public speaking and presentation skills at the expense of the crowd.  So when the call for talks was announced, I submitted a couple of talks and one was picked.

There was a little hickup where I didn’t know the time slot of the talk (how long it would be), so I submitted two talks – one for 30 minutes or so, and one for 60 minutes.  The 60 minute one got chosen, and then I learned that the time I have is 20 minutes for the talk and 10 minutes for the Q&A.  Oopsy.   But, never the less, challenge accepted.  It took a lot of cutting and trimming but I think I sort of managed to get the essence of it into about 20 slides.  My talk wasn’t the first one of the day, so I observed other speakers.  I think most of them went slightly over 20 minutes and cut into the Q&A time, but on the other hand, there weren’t enough questions for most of the talks to fill all that time.  So in the end, it all worked out pretty well.  If I remember correctly, I managed to squeeze my talk into about 25 minutes altogether.   I’d love to see the video of that – there’s plenty of mistakes to learn from there, but for now, there are only the slides.

I would like to say huge thank you to everybody involved – organizers, sponsors, speakers, and attendees.  It was a blast and I hope to attend many more.


nginx-module-vts – Nginx virtual host traffic status module

nginx-module-vts is a handy Nginx module for those who run complex Nginx configurations, with multiple servers, virtual hosts, caches, etc.  Here’s an example partial screenshot of the output.