- Headline: make it short and to the point
- Write the post like a news story, with a lede and a nut graf above the fold.
- "the fold" in this case is WordPress's tag, which you should always use, 'cause who wants to see a whole wall of text?
- Use illustrative graphics. Put one above the fold, so that it shows up on the blog's index page and draws people in. All posts should at least have one graphic!
- What's a lede? A sentence or two that, again, draws people in. There are many different types of ledes in journalism; for the purpose of a blog, the lede + nut graf answer the who/what/when/where/why/how questions, so folks know if they should read on.
- Hyperlinks: Put links to any terms, content or concepts that you're referring to that aren't well-understood. Also make links to any other content you're referencing.
Julian C. Dunn juliandunn
juliandunn
/ writing-a-good-blog-post.md
Last active
August 29, 2015 14:16
Things I learned from journalism school on writing a good blog post
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rules "throw errors on control group failures" | |
| rule on run control group | |
| when | |
| status = "failure" | |
| then | |
| notify("email_me", "Run control group \"{{ message.name }}\" just failed on {{ message.run.node_name }}!") | |
| notify("webhook_me") | |
| end | |
| end |
juliandunn
/ analytics-failure.json
Last active
August 29, 2015 14:16
This is the error you will get when you're using audit mode with a Chef server that's too old (< 12.0.3)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"recoverable":false,"cause":"json_extraction_bolt - e2c4e453-b93c-4cc6-8da6-41d58be6c7c8 invalid payload","payload":"{\"message_type\":\"control_groups\",\"message_version\":\"0.1.0\",\"organization_name\":\"chef\",\"chef_server_fqdn\":\"ec2-54-173-52-30.compute-1.amazonaws.com\",\"recorded_at\":\"2015-03-05T21:26:25Z\",\"remote_hostname\":\"172.31.36.204\",\"request_id\":\"g3IAA2QAEGVyY2hlZkAxMjcuMC4wLjECAAN2pQAAAM4AAAAA\",\"node_name\":\"i-7093bf81\",\"id\":\"4f7e464a-69ba-4f57-a1f5-e3aa0ec2ba60\",\"run_id\":\"3225a373-d85a-496e-8767-1e38e67633a1\",\"control_groups\":[{\"name\":\"check sshd configuration\",\"status\":\"failure\",\"number_succeeded\":5,\"number_failed\":1,\"controls\":[{\"name\":\"should be installed\",\"status\":\"success\",\"details\":null,\"resource_type\":null,\"resource_name\":null,\"context\":[\"sshd package\"],\"sequence_number\":1},{\"name\":\"should exist with the right permissions\",\"status\":\"success\",\"details\":null,\"resource_type\":null,\"resource_name\":null,\"context\":[ |
juliandunn
/ kitchen-travis.md
Created
February 24, 2015 15:45
Doing integration testing on Travis CI with Test Kitchen and DigitalOcean
These notes were cribbed from the work that Sean O'Meara did for the Yum cookbook.
- Ensure Travis integration is on in GitHub.
- Set up Gemfile, Rakefile like the ones here
- Set up .kitchen.cloud.yml
- Set up a .travis.yml without all the encrypted secrets but with the tasks, matrix, etc. This .travis.yml needs to have env vars like DIGITAL_OCEAN_SSH_KEY_PATH set up unencrypted in the env->global section.
- Install the Travis gem on your workstation. Encrypt the secrets you will use. This is the trickiest part:
juliandunn
/ jira-kitchen.txt
Created
February 22, 2015 05:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ KITCHEN_YAML=.kitchen.cloud.yml kitchen converge | |
| -----> Starting Kitchen (v1.3.1) | |
| -----> Creating <default-centos-65>... | |
| Digital Ocean instance <4226737> created. | |
| (ssh ready) | |
| Finished creating <default-centos-65> (1m16.01s). | |
| -----> Converging <default-centos-65>... | |
| Preparing files for transfer | |
| Preparing dna.json |
juliandunn
/ ghost-remediation.rb
Created
January 31, 2015 05:48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package 'glibc' do | |
| action :upgrade | |
| not_if "rpm -q --changelog glibc | grep -q 'CVE-2015-0235'" | |
| notifies :request_reboot, "reboot[ghost-detected]" | |
| end | |
| reboot 'ghost-detected' do | |
| action :cancel | |
| reason 'GHOST vulnerability detected, system must reboot' | |
| delay_mins 2 |
juliandunn
/ packages.rb
Last active
August 29, 2015 14:14
Refactored version of Chef RPM packages plugin; also expanded to handle dpkgs. Original source code: https://github.com/demonccc/chef-repo/blob/master/plugins/ohai/linux/rpm.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Author:: Claudio Cesar Sanchez Tejeda <demonccc@gmail.com> | |
| # Author:: Julian C. Dunn <jdunn@chef.io> | |
| # License:: Apache License, Version 2.0 | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 |
juliandunn
/ chef_groups_migration.py
Created
December 19, 2014 23:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # | |
| # Copyright 2013 Google Inc. All Rights Reserved. | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # Note: On AIX, /bin/sh is Korn Shell. Don't use Bashisms here! | |
| # Partitions are too small to be useful. Expand them. | |
| chfs -a size=+2000000 /usr | |
| chfs -a size=+2000000 /opt | |
| chfs -a size=+2000000 /home | |
| chfs -a size=+2000000 /var | |
| chfs -a size=+2000000 /tmp |
juliandunn
/ aix-chef-client-known-issues.md
Last active
April 7, 2016 18:50
Currently known issues for Chef Client 12 & AIX.
- Our standard bootstrap procedure doesn't work (not that I think many folks on AIX will use it). A couple problems:
- Omnitruck doesn't understand BFFs and has invalid syntax for uname: chef/omnitruck#72
- Bootstrap SSH fails with
SSH debug returns "cipher_init: EVP_CipherInit: set key failed for aes128-cbc(when running in -VV) -- it will also fail to negotiate other cipher suites like 3des-cbc- Only fix I've found so far is to
installp -u security.pkcs11. The one suggested by IBM does not work: http://www-01.ibm.com/support/docview.wss?uid=isg3T1019142 - Maybe there's a patch for this. My LPAR is 7100-02-04-1341 which isn't the latest SP.
security.pkcs11is safe to remove as it has to do with hardware encryption devices (a rare use case). Customers can contact IBM if they have a hardware crypto device and need this package
- Only fix I've found so far is to
- Bootstrap assumes bash is available on the system so you get something like `k