A Day That Will Live in Infamy!

FDR proclaimed that December 7th would be a day that would live in infamy. Pearl Harbor was attacked in 1941. 80 years later to the day AWS had a major outage (for the us-east-1 region): https://www.theverge.com/2021/12/7/22822332/amazon-server-aws-down-disney-plus-ring-outage

It is an interesting coincidence.

Many people think that the us-east-1 region is the least reliable of Amazon's regional offerings. Amazon said their "Support Contact Center also relies on the internal AWS network, so the ability to create support cases was impacted …" According to Amazon, and they posted a summary of the outage here (along with the previous quoted sentence), the temporary lack of monitoring contributed to their problem. If you want to read about the recommended practices of monitoring, see this posting. One big takeaway is that to communicate with customers, it is important to not have a single-point-of-failure.

What Are Reliability, Scalability and Maintainability?

Question
You want definitions of some I.T. terms. In the context of application/system design, what are reliability, scalability and maintainability?

Answer

Reliability: Dependability or suitable for production; the property of performing consistently over time; worthy of being trusted at all times due to fault tolerance. A system that can perform despite hardware failures or regional data center failures is said to have reliability.

Scalability: the property to rapidly adjust to greater or lesser workloads; elasticity.

To be scalable a system must handle increased demand with minimal performance penalty; the system must also be able to quickly reduce resource consumption (for the sake of saving monetarily) when workloads contract based on business demands. Scalability is achieved by adding or reducing (but not limited to) the following (usually automatically): processing power (e.g., the number of CPUs, the size of the cache(s) and speeds of the cache(s), memory power (e.g., size and/or speed), and networking bandwidth. A system is said to have scalability when it can scale up/down (changing the quality of the underlying computing component) or can scale out/in (changing the quantity of the underlying computing component) with little notice.

A system with the ability to expand or contract capacity suddenly (either through manual intervention or automated processes) is said to have scalability.

Maintainability: the property of being able to keep the system itself in a useful state throughout its operation; the trait of being able preserve efficiency after it is deployed, reconfigured or optimized.
A system is said to have maintainability if professionals can operate on the system once it is live and/or after changes are made to the system. A common subtrait of maintainable systems is the logical abstraction of components to reduce operational complexity (source page 23 of Designing Data-Intensive Applications by Kleppman).

The presentation of these definitions (and their presentation in a single article as they are here) was influenced by Chapter 1 of Designing Data-Intensive Applications by Kleppman.

What is Cyclomatic Complexity?

Question
What is cyclomatic complexity or McCabe's complexity?

Answer
It refers to the number of times a line of source code is entered in its execution.

Number of executionsLevel of complexity
1 to 10 Not complex
11 to 20Moderately complex
21 to 50Really complex
More than 50Too complex

It is advisable to endeavor to keep the cyclomatic complexity as low as possible (according to this external site); you may want to refactor code beyond a certain threshold. The chart was adapted/taken from pages 474 and 475 of Expert Python Programming.

How Do You Do a Code Review?

Question
How do you do a code review?

Answer
Look for consistency in style (adherence to a style guide), functionality, and ensure unit tests and end-to-end tests were performed. Keep an eye out for security issues or maintainability issues. Deploying the code should be straightforward or well documented.

Page 307 of Terraform: Up & Running, 2nd Edition by Yevgeniy Brikman (O'Reilly), Copyright 2019, 978-1-492-04690-5 says code reviews should have 1) written documentation (on how to use the code and why it was written that way) 2) example code 3) code documentation.

Be respectful to the coder when requesting changes.

To learn more, see these postings:

https://google.github.io/eng-practices/review/reviewer/
https://medium.com/palantir/code-review-best-practices-19e02780015f
https://stackoverflow.blog/2019/09/30/how-to-make-good-code-reviews-better/
https://www.perforce.com/blog/qac/9-best-practices-for-code-review
https://www.infoq.com/articles/practices-better-code-reviews/

What is a VirtualHost in Apache Web Server?

Problem scenario
You do not think that Apache web server does virtualization (like a hypervisor). But you see the term Virtual Host when you read about Apache web server configurations. What is a VirtualHost in the context of Apache web server?

Solution

"Apache Virtual Hosts A.K.A Virtual Host(Vhost) are used to run more than one web site(domain) using a single IP address. " (This was taken from https://dasunhegoda.com/what-how-to-apache-virtual-host/444/.)

Apache web server usually publishes a directory of files to be presentable to a web browser. When there is more than one domain and those other domains are mapped to different directories, they are virtual hosts.

'Each domain or individual site — known as a “virtual host” — that is configured using Apache will direct the visitor to a specific directory holding that site’s information.' (This was taken from https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-ubuntu-18-04.)

Virtual Hosts are not the same as hypervisor virtualization.

Why Is a Linux File Getting a Different Group Name and Not The Group of the User That Created The File?

Problem scenario
A Linux user creates a file in a directory and no other manual commands are run. The file is associated with a group that is not the group of the user. What could be the reason?

Answer
The directory had a command like this run: 

sudo chgrp group2 /path/to/directory

Then the set GID bit was configured. The chmod 2755 /path/to/directory command would set the GID bit because of the "2" in the numeric notation.

Subsequent files in this directory will get the group "group2".

(This was taken from page 268 of The Linux Bible.)

What is a Git Tag?

Question
You have heard of git tags. What are they?

Answer
A Git tag is a pointer to a commit in Git (according to page 129 of Terraform: Up & Running, 2nd Edition by Yevgeniy Brikman (O'Reilly), Copyright 2019, 978-1-492-04690-5).
To create names for these tags, we recommend using semantic versioning as described http://semver.org (because page 129 of Terraform: Up & Running, 2nd Edition by Yevgeniy Brikman (O'Reilly), Copyright 2019, 978-1-492-04690-5 recommends it). "Typically, people use this functionality [Git tagging] to mark release points (v1.0, v2.0 and so on)." (This quote was taken from https://git-scm.com/book/en/v2/Git-Basics-Tagging.)

To run "git tag" commands, you can find examples like these on https://git-scm.com/book/en/v2/Git-Basics-Tagging:

git tag -a v1.4 -m "my version 1.4"
git tag -l "v1.8.5*"

What is a group_var or Group Variable in Ansible?

Question
You have heard of Group Variables in Ansible. What are they?

Answer
They are like global variables assigned in a modular way (like Ansible roles). They are ideal when you have Ansible playbooks that run against many different servers. Rather than have a regular variable in a playbook, group variables are taken from a group_vars/ directory. To read more about them, see this posting.

To use them, see this posting: How Do You Get Variables That Are Assigned a Value in an Ansible Playbook (i.e., a .yaml file) to Be Assigned from a Different File?

How Do You Configure Snyk’s Threshold Level in Azure DevOps Pipelines?

Problem scenario
You are troubleshooting a pipeline in Azure DevOps. You look at the task's log output. You see a security-threshold flag in a CLI with the value of "low", "medium", "high" or "critical" that you think is incorrect or discrepant with another setting. How do you get the flag to be set to the security threshold level of your choice?

Background
The ultimate Snyk command that is run (or commands that are run) is (or are) created from various underlying settings, YAML files, or tasks. The setting you choose will filter events at and above that security threshold level. There are different places to configure the threshold (e.g., with custom tasks, variables or multiple Snyk tasks).

Possible solution #1
Look at each Snyk task in your pipeline in the GUI. Does it have a "Testing severity threshold" drop down? Be sure to check every Snyk task. Make sure the drop down is set to what you want. Here is an example:

Possible solution #2
Check your pipeline's Variables tab. Maybe a variable is being injected in the composition step of a Snyk command. Is there a variable set to "low", "medium", "high" or "critical"?

Possible solution #3
Look at the YAML files of your Snyk tasks. You may be able to deduce what needs to change.

You may want to view this link for more information:
https://github.com/snyk/snyk-azure-pipelines-task