I am proud to say that I have been working with the Hyperledger Fabric project nearly since it’s inception almost two years ago. While frustrating at times in the beginning (as is the case with most open-source, popular, and pre-alpha software), I have grown to enjoy working with the Fabric. It has improved my skills in a variety of areas such as golang, docker, encryption, pkcs11, continuous integration, and many more. Since the Fabric recently went 1.0, this blog post will focus on how to bootstrap the fabric without the aid of cryptogen tool.
Continue reading

It’s very tempting to use the most popular Linux distributions as a base for docker containers. In fact, most of the time, that is actually a good idea. However, when trying to build the most secure container possible, at the lowest possible size, these base images become bloat. Why include libraries and other binaries in your docker container if your application does not need them?
Continue reading

Let’s Encrypt is awesome! This service allows you to automate the retrieval of as many valid TLS certificates as you wish, as long as you can “prove” that you own the domain. One of the first proofs that they offered was the http-01 challenge. This proof works by essentially sending your domain a random HTTP GET request string which your lets-encrypt client must receive and send back.
Continue reading

MemSQL is a cool distributed In-Memory Database which offers high performance, sharded horizontal scale-out design, High Availability (with Enterprise edition), and the familiar SQL syntax. It also ships with a great looking GUI that displays most of information you need to know about your cluster.
Continue reading

It’s been the year of the no-sql distributed databases for me. Technically, it started a few years back when I discovered the ELK stack, but this year I found myself evaluating many more of these distributed databases for an exciting project at my workplace. A few months back I started playing with Apache Cassandra and was really impressed with it’s capabilities. However, I since switched my focus to evaluate a new kid on the block (or should I say block chain?) called bigchaindb which may be more suited to the requirements of our project.
Continue reading

When you install docker, by default it will create a bridged interface docker0 with a 172.17.0.0/16 subnet for container networking. It will also create a MASQUERADE rule on your POSTROUTING iptables chain for container NAT. If this subnet is being used elsewhere on your network, then you should change this default subnet to avoid losing connectivity to these other networks:
Continue reading

Migrations are a common part of being a Virtualization Admin. Most commonly you will be asked to perform P2V (physical to virtual), however there are times when you will have to migrate between virtual platforms. Most recently, I had to migrate a pair of VMs under the control of a third-party entity who were running some sort of xen environment.
Continue reading

Author's picture

gbolo

Security + DevOps Engineer

DevOps Engineer

Toronto