mfojtik blog

Look at you, hacker. A pathetic creature of meat and bone, panting and sweating as you run through my corridors. How can you challenge perfect immortal machine

Building secure Docker images

A lot was written about Docker security and how to run Docker in a secure way. But there are not many articles describing how to write Docker images, which are secure and easy to maitain. According to this article over 30% of the official Docker images published to Docker Hub contain some security vuleabilities. Here is my list of rules to follow when I’m building Docker images: Do not run as “root” - almost every image published on Docker hub does not set the USER instruction, which means they expect to be run as the root user.

Simple file hosting on OpenShift

I often need to upload something really fast to make it available for somebody. That includes PDF files with my presentations, error logs, pictures or random meme pictures I can then link to. In 99% of cases all I want is to simply scp the file into my DigitalOcean instance and run some small web server serving the directory where I uploading the file to public. To make this possible on OpenShift v3 that I run, following was needed: A persistent volume where I can just upload the files (/data/files) A Docker image with a web server A pod that run this image A persistent volume claim attached to this pod So I started exploring Github and I found ran.

How to run Hugo on OpenShift v3

In my previous post I described how I transitioned myself into the container era by installing the OpenShift v3 in DigitalOcean and containerizing my applications. This post will describe how I moved from my previous blog engine to Hugo engine. My previous blog engine was a hand-written Sinatra application that was just serving Markdown files. Everything else was just Javascript. While that seems pretty decent and minimal, in fact it is not.

Running OpenShift v3 on DigitalOcean

I’m running this blog (and couple other blogs and side-projects) on DigitalOcean since 2014. Till this week, my VM looked like a typical VM from 90’: mysql server, nginx+php, irssi. Nothing special about that setup really. But, since I’m currently busy working on the OpenShift v3 platform, I convinced myself to upgrade to the “containers era”. This blog post describes the steps I’ve take to run the latest OpenShift v3 platform and next post will explain how I containerized the apps I ran (this site included).

Publishing reveal.js presentations using OpenShift

There are numerous reasons why I love creating my slides as a simple HTML page, for example, I don’t want to collect emails of people that ask me to send them those, or I’m not worried that the format of my slides will not be recognized or the presentation will look terrible on someone else’s machine. The other reason is that I simply hate all presentation software, including Apple Keynote, LibreOffice Presenter or the one from Microsoft.

Mounting Deltacloud API into your application

Yes, it’s is possible through Rack::Builder: You can use thin to start this application: $ thin -R config.ru start Now, the Deltacloud API is ‘mounted’ into your application and you can access it on “/api” URL.

Publishing reveal.js presentations using OpenShift

There are numerous reasons why I love creating my slides as a simple HTML page, for example, I don’t want to collect emails of people that ask me to send them those, or I’m not worried that the format of my slides will not be recognized or the presentation will look terrible on someone else’s machine. The other reason is that I simply hate all presentation software, including Apple Keynote, LibreOffice Presenter or the one from Microsoft.

OpenShift v2 in DigitalOcean

DigitalOcean is a new IaaS provider, similar to the Amazon EC2. Comparing to the AWS, DigitalOcean is still a small fish in the IaaS cloud market, but due to their offerring of SSD storage, they are attracting more and more users. OpenShift is a PaaS service, developed by Red Hat. OpenShift Origin, compared to the Heroku is an OpenSource project, so you can install it on your own machine and then run your own PaaS.

Ruby websockets on Openshift

Few months ago, Openshift announced support for websockets on their site, with nice examples how to use then using the Node.JS. Since using websockets in Node.JS is easy because the Node.JS web server supports them, the situlation in Ruby is a bit more complex. The Ruby cartridge by default runs Apache with Passenger, which makes implementing websockets a bit tricky. Fortunately, Openshift permits us to replace the default web server with a different server that has support for this new cutting-edge technology.

Sequel database migrations

As we added the database support to Deltacloud CIMI using Sequel ORM, the one problem we were thinking about were database migrations. What if someone started using Deltacloud CIMI and meanwhile we made some changes to the database schema? For example, what if we added, renamed or deleted a new column in table? In that case once we have pushed a new release out, this user would face to numerous errors coming out from the Deltacloud server.