SpringFramework

2019 was partly spent learning about Spring at work. We have a couple of microservices that are make good use of it in the app tier. There are so many good ideas in here worth study. Here are my notes:

-Dspring.profiles.active: Used to selectively load or not components defined in a spring application. eg We can selectively load / activate capabilities by environment: @Profile(“dev”)

# Profile tagging with annotations @Component @Profile("dev") Public Class DataSourceConfig {...} # Profile tagging in xml <beans profile="dev">...</beans>

Sources

Yaml

Heredoc that converts newlines to spaces and ignores leading indent

a_long_line: >
    line 1
    line 2
    line 3
    ...

# Prints: line 1 line 2 line 3

Heredoc that preserves newlines and ignores leading indent

private_key: |
    line 1
    line 2
    line 3
    ...

# Prints:
line 1
line 2
line 3
...

Ansible

Perf
Gathering facts is expensive
If you can skip this step, do so
I have a couple plays that looks at memory
Think about tuning the number of forks
5 is the default
Too many doesn't work (kinda heavy weight)
25-50 is probably good for a dedicated ansible server
5-25 for a dev machine
Use scp (default is sftp)
Increase ControlPersist (default 60s)

Sample ansible.cfg
[default]
gathering = smart
gather_subset = min
fact_caching = jsonfile
fact_caching_connection = ~/.ansible/cache
fact_caching_timeout = 3600
forks=50

[ssh_connection]
pipelining = True
scp_if_ssh = True
ssh_args = -C -o ControlMaster=auto -o ControlPersist=15m
Python3 is better than python2

Use ansible to update centos packages

List updates
> ansible -i "hosts / inventory file," all -m yum -a "list=updates"

Apply updates
> ansible -i "host / inventory file," all -m yum -a "name='*' state=latest"

Jq

Powerful json message parsing on the command line

# Gets me all keys connected to the doc node
jq '. | keys' a.json

# Tells me how many sub docs are rooted at events
jq '.events | count' a.json

# Generate a csv from a json array
# https://stackoverflow.com/questions/32960857/how-to-convert-arbitrary-simple-json-to-csv-using-jq/32965227#32965227
jq -r '(map(keys) | add | unique) as $cols | map(. as $row | $cols | map($row[.])) as $rows | $cols, $rows[] | @csv' a.js.out

# Filter a list of json documents by the State field
# Like Java's stream programming model (and other languages?)
#   filter, map, reduce!
cat a.sh.out | jq '.BackupJobs | map(select(.State == "FAILED"))'

20191003

Read

Cloudflare

I’m looking into Cf for work. Beefing up our app’s edge in a bunch of ways is high up on our list of things to do this quarter: eg a web application firewall would be very nice, a cdn too for statics that we can purge (our frontend will soon be getting an upgrade to a fancy modern javascript framework – vuejs – which will make a purge button less important but for now we need one :)), ddos mitigation, etc. Yes. This will be most excellent to get started with.

Notes

Security

Feature nameDescription
Rate limiting
Monitoring
Cost
Threat protection
Web application firewall
SSL / TLS
DDoS protection

Performance

Feature nameDescription
Cdn
Load balancing
CachingHow is this different from the Cdn?
Resource optimizationsImage optimization
Mobile optimization

I’ll do a bit of digging into each of those Cf platform capabilities next. It seems bloody incredible!