Don't Panic! Posts

The epoch was an hour late

The epoch – midnight on 1st January 1970 – is one of the most important moments in computing. Many systems store dates and times as the number of seconds (or milliseconds) since the epoch. When new year’s revellers counted down the seconds before Big Ben struck twelve for the first time in a new decade, who would have known that the moment would be significant fifty years on?

Except, it didn’t. On the moment that is represented as zero in Unix, C, Java and so many other systems, Big Ben did not strike twelve. At midnight on the 1st January 1970, Big Ben struck one.

Execute Around idiom in Java

The Execute Around idiom is a pattern that allows you to wrap an action with some standard setup / tear down steps. Examples might include:

  • Execute within a lock: acquire the lock, do the action, release the lock
  • Resource handling: acquire the resource, do the action, close the resource
  • Execute as a user: switch to the user, do the action, switch back to the original user
  • Exception handling: do the action, handle the exceptions
  • Time an action: start a timer, do the action, stop the timer

The pattern allows you to pass in arbitrary actions and have them run with the same setup / tear down steps.

Private DNS for Native Windows Docker Container

Docker Windows containers have a number of shortcomings, particularly around networking. One showstopper is that they don’t use the DNS of their host server. The expected behaviour in (Linux) Docker containers is that the Docker engine creates a virtual DNS for containers. The Docker DNS resolves containers by name (for Docker Swarm / Docker Compose) or delegates to the host DNS configuration. There are options to override this behaviour if necessary.

Native Windows containers don’t do this. Docker for Windows will resolve container names from the Swarm and will then use the default external DNS (Google DNS on 8.8.8.8) to resolve external addresses. It will not use the host machine DNS settings nor can its behaviour be overridden with the --dns flag. This is a serious problem if your container depends on services within a private / corporate network.

This appears to be an issue with the Docker Windows images (nanoserver / windowsservercore) rather than with the engine. Microsoft might get round to fixing it but given its half-hearted support for Docker, it might not.

Deploying to Google Kubernetes Engine

Previously we looked at building a Spring Cloud Data Flow on Kubernetes. As a follow-up, we’re now looking at deploying to Google Kubernetes Engine. The great thing about Kubernetes is that you use exactly the same commands to manage a cluster on your laptop as on a server or cloud compute platform. Google has first-class support for Kubernetes on the Google Kubernetes Engine, so deploying the Primer application was very straightforward.

Spring Cloud Data Flow on Kubernetes

Spring Cloud Data Flow is a powerful tool for composing and deploying message driven data pipelines. It allows us to compose simple Spring Cloud Stream applications into complex processing pipelines. It also takes care of deploying these pipelines into Kubernetes or into Cloud Foundry.

It’s powerful but has a lot of moving parts. It can be daunting to get a simple pipeline running. This article introduces the Primer demo for SCDF and describes how to deploy it into Kubernetes on a local development machine.

Secrets in Google App Engine

Google App Engine makes it easy to deploy NodeJS applications. The GAE Standard Environment and SDK support NodeJS out of the box. This makes Google App Engine a great choice ahead of competitors such as Heroku, AWS or Microsoft Azure. Unfortunately though, there’s no support for managing secrets in Google App Engine. When I deployed Dog n Bone to GAE, I found this single shortcoming the main source of complexity.

There are however some workarounds. None of them is particularly nice though.

Detecting Twilio API login failures

When I built out Dog n Bone – a browser phone powered by Twilio, I found that behavior on providing an incorrect accountSid / authToken was not quite what I expected. This post details how I detected Twilio API login failures in Dog n Bone.

Twilio uses ClientCapability tokens to grant access to API features. The back end obtains a ClientCapability object using a Twilio accountSid and authToken. It sets scopes on the ClientCapability to grant only necessary permissions on that account. API requests in the front end authenticate using the JWT created from the CapabilityToken. This mechanism allows the front end to authenticate to the API without exposing the Twilio accountSid / authToken.

SSH into a Docker Container

Just sometimes, it’s useful to SSH into a Docker Container. While docker exec or docker attach are usually sufficient to run commands in a container, sometimes you specifically need SSH: for example, to connect directly from a remote machine or when an application needs to run commands on your container. Most Docker images don’t come with the SSHd service installed so it is not possible to SSH to them. This post demonstrates how to install and run the SSHd service on an existing image so that you can connect to it.