Skip to content

Instantly share code, notes, and snippets.

View joemiller's full-sized avatar

joe miller joemiller

View GitHub Profile
joemiller / redis_piper.rb
Created March 5, 2014 23:34
redis pipe inputter for getting simple S3 key list into redis quickly
!/usr/bin/env ruby
# use this to bulk load s3 keys into redis.
# usage:
# ------
# cat /root/s3.keys | | redis-cli -h HOST -n DB --pipe
$ openssl ocsp -issuer iss.crt -cert gd.crt -url
WARNING: no nonce in response
Response Verify Failure
49913:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:/SourceCache/OpenSSL098/OpenSSL098-50/src/crypto/ocsp/ocsp_vfy.c:126:Verify error:unable to get local issuer certificate
gd.crt: good
This Update: Apr 8 16:41:41 2014 GMT
Next Update: Apr 10 04:41:41 2014 GMT
joemiller / btrfs_raid0.txt
Last active August 29, 2015 14:02
LSI WarpDrive benchmarks, Model: LSI NWD-BLP4-1600 (1600GB)
yum -y install btrfs-progs
yum -y install spew # regorge(1)
mkfs.btrfs -d raid0 /dev/sdb /dev/sdc
mount /dev/sdb /data
regorge -v -b 1k 500g /data/regorge
WTR: 271525.92 KiB/s Transfer time: 00:32:10 IOPS: 271525.92
RTR: 1277250.56 KiB/s Transfer time: 00:06:50 IOPS: 1277250.56
joemiller /
Created June 10, 2014 18:01
fix extlinux bootloader on rackspace fedora-20 image (may 28th version: 5596255c-e9ae-48da-866c-9bbdd345ed39)
if file -s /dev/xvda | grep -i syslinux ; then
echo "detected SYSLINUX / EXTLINUX bootloader"
[ -f "/boot/extlinux.conf" ] && rm -f /boot/extlinux.conf && extlinux --update /boot/extlinux
joemiller / rackspace_cell.rb
Last active August 29, 2015 14:02
rackspace cell ID (sorta) in ohai v7
# Test:
# $ ohai -d `pwd` rackspace
# this plugin adds the rackspace cell to the rackspace cloud data
def private_gateway
_, stdout, _ = run_command(no_status_check: true, command: "ip route show | grep eth1 | grep via | head -1 | awk '{print $3}'")
if stdout.length > 0
return stdout
joemiller / gist:b0b7881b4a4852fe660c
Created July 23, 2014 16:55
shrink_dentry_list lockup kernel 3.14.6 fc19
[2704596.083059] BUG: soft lockup - CPU#1 stuck for 22s! [php-fpm:6001]
[2704596.083064] Modules linked in: fuse isofs ip6t_REJECT nf_conntrack_ipv4 nf_defrag_ipv4 nf_conntrack_ipv6 nf_defrag_ipv6 xt_conntrack nf_conntrack ip6table_filter ip6_tables xenfs xen_privcmd crct10dif_pclmul crc32_pclmul crc32c_intel xen_netfront ghash_clmulni_intel microcode binfmt_misc xen_blkfront
[2704596.083064] CPU: 1 PID: 6001 Comm: php-fpm Tainted: G W 3.14.6-100.fc19.x86_64 #1
[2704596.083064] task: ffff8806a9e65580 ti: ffff88000f6e4000 task.ti: ffff88000f6e4000
[2704596.083064] RIP: e030:[<ffffffff816f72c2>] [<ffffffff816f72c2>] _raw_spin_lock+0x12/0x40
[2704596.083064] RSP: e02b:ffff88000f6e5dd0 EFLAGS: 00000282
[2704596.083064] RAX: 00000000d302d302 RBX: ffff88012e719980 RCX: dead000000200200
[2704596.083064] RDX: ffff88012e719980 RSI: 0000000000000000 RDI: ffff88012e719958
[2704596.083064] RBP: ffff88000f6e5dd0 R08: ffff88012e719980 R09: 00000000000007b1
[2704596.083064] R10: 0000000000000000 R11: ffff88000f6
joemiller / gist:5fa807dd3c8535756d43
Created July 25, 2014 15:45
soft lockup, propagate_mnt, kernel 3.14.6-200.fc20
[3703320.879085] CPU: 9 PID: 67661 Comm: ( Not tainted 3.14.6-200.fc20.x86_64 #1
[3703320.879085] Hardware name: Xen HVM domU, BIOS 4.1.5 11/28/2013
[3703320.879085] task: ffff880bd77c1300 ti: ffff880159a1e000 task.ti: ffff880159a1e000
[3703320.879085] RIP: 0010:[<ffffffff81216854>] [<ffffffff81216854>] next_group+0x34/0xd0
[3703320.879085] RSP: 0018:ffff880159a1fe10 EFLAGS: 00000246
[3703320.879085] RAX: ffff88012ff26db8 RBX: ffffffff8120a958 RCX: ffff88009d236580
[3703320.879085] RDX: ffff88009d236628 RSI: ffff88012ff26d00 RDI: ffff88009d236580
[3703320.879085] RBP: ffff880159a1fe10 R08: 00000000000001df R09: ffffe8ffd1ded168
[3703320.879085] R10: 0000000000001400 R11: 0000000000000000 R12: 0000000000000000
[3703320.879085] R13: ffff880159a1fe58 R14: ffff88012ff26d00 R15: ffff88012ff26300
joemiller /
Created August 15, 2014 23:08
keybase proof

Keybase proof

I hereby claim:

  • I am joemiller on github.
  • I am joemiller ( on keybase.
  • I have a public key whose fingerprint is 643F C9D1 FCA0 CDCA 7268 A2BF 1ECD 695B 6518 4016

To claim this, I am signing this object:

joemiller /
Created August 19, 2014 23:00
extract multiple PEM encoded certs from a single file. yak shave
def extract_pem_certs(str):
buf = None
certs = []
for line in str.split('\n'):
if 'BEGIN CERTIFICATE' in line and buf is None:
buf = line + '\n'
elif 'END CERTIFICATE' in line:
buf += line + '\n'
buf = None
joemiller /
Last active August 29, 2015 14:07
minimum viable yak shave to make docker's iptables management play nice with /etc/iptables.d/ based systems


  1. disable docker's internal iptables management
  2. write a simple utility 'pantheon-docker-iptables' to use after starting and stopping the container via systemd's ExecStartPre= and ExecStartPost=
    • on start this utility would run after docker starts the container, use docker inspect to figure out the IpAddress assigned to the container on the docker0 bridge. Also, use docker inspect to get the tcp/udp port mappings assigned to the container. Then, it would create the appropriate /etc/iptables.d/docker-container-<container_name> file and call restart iptables to load new rules.
    • on stop, remove the /etc/iptables.d/docker-container-<container_name> file and call restart iptables