Hide Your Ports - Authentication Before Connecting

Think about the services that only a few people need to access, but they need to be accessible from anywhere, over the internet. The internet is a giant untrusted monster network, full of evil people actively trying to harm you. If only a few people (let’s say in the ten-thousands) need to access your service, why do you make the service accessible to billions? It’s so asymmetrical. VPN Gateways! They’re great! They sit on the edge of your network, and they let you access all your internal stuff! But if you want someone to be able to connect to your VPN over the internet, the VPN gateway itself must be publicly accessible. Yes, you likely have authentication on your gateway such as an IPSec Pre-Shared Key, and/or a username and password. But your gateway is still internet-facing, and let’s just say there are no guarantees for security. ...

July 21, 2024 · 4 min · 810 words · Steven Polley

NXDOMAIN on DNS Server Startup

There is very peculiar behavior when a Windows DNS server is starting up. With the right request timing, it can leave a client with a poisoned DNS cache that lasts for 1 hour (by default). That just seems crazy to me. To reproduce the issue, I loaded up a Windows DNS server with hundreds of zones and hundreds of records in each zone to simulate a reasonably large environment, where loading the DNS database when the DNS server service starts actually takes a few seconds instead of near-instantly. ...

May 18, 2023 · 3 min · 596 words · Steven Polley

Real World Failure Is Not Ergodic

I always get a kick out of reading reliability statistics presented by hard drive manufacturers. They always post these crazy numbers for their reliability stats. Not to pick on Western Digital (they are my personal favorite), but take a look at what they report on these WD Gold drives: "Up to 2.5 MILLION hours MTBF". 2.5 million hours is over 285 years. Hard drives haven’t even been around that long, so how can they rightly claim that their product on average doesn’t fail for 285 years? It’s all in the details of how they make these measurements in the first place and a lack of accounting for wear and tear. ...

July 30, 2021 · 4 min · 781 words · Steven Polley

Infrastructure as Code - How This Site Works

Infrastructure as code is a method of defining your infrastructure using plain text code which can be checked into a version control system and which an automation tool can read and then provision automatically. The benefit of this system is that infrastructure design is defined in a way that’s easy to understand and rebuild/reproduce automatically, quickly, and upon demand. In this post, we’ll go through setting up a composable infrastructure that I use to manage the services I create. ...

July 17, 2020 · 10 min · 2048 words · Steven Polley

Cyclescaler

When I was first starting to learn how to build a scalable application, I wanted to make a render farm for Blender animations and so I did. It’s full of TBD’s, but hey! It works and it works well, I’ve used it on many projects. It can be used with preemptible instances on major cloud providers to rip through any rendering you need. Google owns a similar product named Zync, but mine is open source and web based instead of a thick plugin for your 3D software. ...

April 3, 2020 · 1 min · 91 words · Steven Polley

Getting Started With Traefik and Docker

There are many ways to expose your containers to the outside world, but I’ve yet to come across something as cool as traefik! Who am I kidding, there are a lot of options out there that accomplish similar goals, but I found traefik to be the best at integrating them all into one package, and it’s yet to fail me. Throw any reasonable task at it, and traefik adapts - it supports a variety of integrations, what it calls Providers (see docs for all integrations), right out of the box. The reason I love traefik is that it’s a perfect fit as an ambassador for your other containers. ...

June 26, 2019 · 5 min · 1000 words · Steven Polley

Mandelmap

Many years ago, I fell in love with the idea of computer-generated art. While 3D rendering is fun, geometric art is what I love the most. One of my first programming projects was a computer generated Spirograph, which was a lot of fun to create. It’s been a few years since making anything like this, but in the past year, I taught myself Go (which is a great language, Rust BTFO). Go is excellent for parallel processing, since it has concurrency primitives built in, and it has a lot of web technologies built right in, such as a fully functioning web server. Go has gained a lot of attention by folks that are writing distributed and scalable applications. Successful infrastructure projects such as Docker, Kubernetes, Prometheus, and Terraform are all written in Go, and if it’s good enough for these guys, it’s probably good enough for anything I’ll be making in the next few years. ...

June 22, 2019 · 4 min · 695 words · Steven Polley