This is David Bock's Typepad Profile.
Join Typepad and start following David Bock's activity
Join Now!
Already a member? Sign In
David Bock
Northern Virginia
Principal Consultant
Interests: ruby, emerging technologies, java, project management, software engineering
Recent Activity
David, I think automated tools are fine for some stuff (like looking for accounts without passwords), but for tuning, I think they are worthless. No tool accounts for all the variants I see beween real hardware and virtualization, understanding how the application is using the database, knowing the read to write ratio, knowing if memory in the server is better used for innodb table caching, passenger instances, or memcache. Tools like that create a 'culture of ignorance' - you are following advice, you don't know why, and that script may have been written for a completely different situation than you find yourself in today.
Toggle Commented Apr 10, 2011 on Tuning MySQL at On the Path
Scott, *doh* I'd call it a typo, but it was ore like a brain-o... I meant Raid1, not raid0. Raid1 gives you two identical drives. Useful for a quick recovery if one fails, but *not* a backup. First, mistakes are immediately written to both drives. Second, both drives will have similar wear patterns, and if one fails, the other may be well on its way. Third, if the raid card fails, it can fail in ways that take out both drives. and Fourth, it doesn't give you any off-site backup. I have used Raid5 in the past, and with the size of today's drives, I think you are just inviting failure with it. It takes so long to rebuild after a drive failure in the array that you risk losing another drive.
Toggle Commented Apr 10, 2011 on Tuning MySQL at On the Path
Good advice on the allowed_hosts file Chris, just to prevent a boneheaded mistake. And yeah Mike, I get dozens of blocks a day on each of my servers. If you want to see a shocker, check out the tool 'logwatch'. I'll be blogging about that soon, but in short, It'll eail you a daily report analyzing your logs. Without denyhosts, you'll see thousands of login attempts a day to very common user names.
Toggle Commented Aug 18, 2010 on Securing SSH at On the Path
I agree with both of you, but only as part of a 'defense in depth' approach. Firewalling an open port can solve the problem, but never opening it to listen in the first place avoids having a problem to solve. It is important to secure memcache itself first, then have a firewall secure the whole machine. I use an iptables-based firewall called APF. That would be worth another entry, or perhaps two- one on APF, and one on 'defense in depth'. By the way, mysql has the same 'flaw' as memcache... It listens on port 3306, and should be configured to just bind to a specific Ethernet device ( if used as in the example above).
Toggle Commented Aug 8, 2010 on Securing Memcache in 2 Minutes at On the Path
I appreciate the comment, especially the analogy to ToastMasters. As a former TM myself, I think those ideas influence me in ways I don't explicitly call out. While I agree with your premise of stretching this out to "any", I'm trying to make a more down-to-earth, reasoned argument with regards to software development. Assessments and certifications are a territory rife with landmines and emotional baggage for our industry; I don't want to take on more than I have to in order to make a point.
Toggle Commented Jul 20, 2010 on Why Agile Assessments? at On the Path
So good news - I have a series of blog posts that cover a lot of this, and I will also have a sample project going up on github by Monday evening that is related to my Scottish Ruby Conference appearance this week. I'll answer some of your questions there in code, and follow up here with a link to it. I also saw your similar questions on github, and answered those there. Rather than repeat a 3+ page comment there, I think I'll clean that up and turn it into a blog post for people that find this thread to reference.
I would not intentionally misrepresent ruote. If things have changed since I last looked at it, I appreciate the correction. I'd ask that you return the favor of not misrepresenting StonePath, as this video on ruote: clearly criticizes state machines based on the same mis-perception of time-as-state this blog entry is set to correct.
John, When I talked about Ruote at both RailsConf and eRubyCon, my intent was to portray it in a favorable light, as I think it is an awesome tool. In my talk when I mention "workflow vendors", I'm talking about commercial tools which such complexity that, once in the door of an organization, tend to demand more and more from that organization - as Glenn Vanderberg discusses in his talk "Why 'enterprise tools' are bad for the 'enterprise'". If anything, I see Ruote as 'brothers in arms' against such tools. I mention Ruote as a viable alternative to, not a member of, that "workflow vendor" camp. While Ruote and Stonepath has different philosophical underpinnings, I see this as parallel to the different underpinnings of procedural, object-oriented, and functional languages. There is no 'one right way', there is room for all, as they all have different strengths and weaknesses. I'm glad to see Ruote has evolved - I saw the 2.x series of releases and hope to take a look at it again soon. My comments didn't mean to single it out, but I guess by say 'other process-based workflow tools', I effectively did. I mean to pick more directly on architectures I have seen that mismatch the Rails 'request-response' cycle with longer-lived processes, without either pushing stuff to cron tasks or starting long-lived processes like backgroundrb. I hope to have a blog entry soon on my Dreyfus Model statement, as I think that was more controversial than I meant it. My point was related more to 'wizard' or 'process funnel' user interfaces, which can map more easily to a process-based workflow than a state/task based workflow. Regarding the 'task manager' label, I think it doesn't emphasize the state or workflow aspect enough. I prefer to drop the 'engine' word from the description of state/task based workflow, as there is no long-running cpu process. 'Task Manager is overloaded in the cpu sense as well as the business sense. I also think that many developers, with a background in state machines from CS courses will naturally think of workflow with a state-based metaphor - I think StonePath simply takes that developer instinct, formalizes it, and adds more to the methodology.
The whenever gem looks fantastic - I love their dsl for scheduling. This work predates that gem, and frankly, I didn't know it existed... This is an extraction from a few real-world projects we have been working on for years. I bundled it up for our own use so we'd have consistency between them, and thought it worthy of sharing. While I like whenever's DSL, I like this gem's use of lockfile, the logging conventions, and the removal of the tasks before the deploy continues. I'm not a fan of the crontab surgery whenever is doing - I did the same kind of thing in my recipe in 'Advanced Rails Recipes', and I have seen that fail in odd ways.
Toggle Commented Sep 1, 2009 on Introducing Crondonkulous at On the Path