Archive
Posts from 2017
Exporting Wordpress Posts To Markdown
I've been running my technology blog on top of Wordpress for the past 12-years. It was a great choice when i started but the core product has morfed into more than I need. When you combine that with a constant stream of security vulnerabilities I decided last month it was time to move to a static website generation tool. Like any new venture I sat down one Saturday morning and jotted down the requirements for my new website generator: Ability to describe my content through markdown * Seperation between content and the layout of the content Theme support * Tooling to export my existing wordpress posts to markdown Thriving user community Utilize disqus for comments Quick content generation I experimented with Jekyl, Pelican and Hugo and after several weeks of testing I fell in love with Hugo…
$ read more →Using docker volumes on SELinux-enabled servers
I was doing some testing this week and received the following error when I tried to access a volume inside a container: When I checked the system logs I saw the following error: The docker container was started with the "-v" option to bind mount a directory from the host: The error shown above was generated because I didn't tell my orchestration tool to apply an SELinux label to the volume I was trying to map into the container. In the SELinux world processes and file system objects are given contexts to describe their purpose. These contexts are then used by the kernel to allow processes to access file objects if policy allows it. To allow a docker container to access a volume on a SELinux-enabled host you need to attach the "z" or "Z" flag to the volume mount…
$ read more →Which file descriptor (STDOUT, STDERR, etc.) is my application writing to?
When developing ansible playbooks a common pattern is to run a command and use the output in a future task. Here is a simple example: In the first task dnf will run and the output from the command will be placed in either STDOUT or STDERR. But how do you know which one? One way is to add a debug statement to your playbook: Once the task runs you can view the stderr and stdout fields to see which of the two is populated: In the output above we can see that stderr is empty and stdout contains the output from the command…
$ read more →Working around the ansible "python2 yum module is needed for this module" error
During a playbook run I was presented with the following error: The role that was executing had a task similar to the following: The OS on the system I was trying to update was running Fedora 26 which uses the dnf package manager. Dnf is built on top of Python3 and Fedora 26 no longer includes the yum Python 2 bindings by default (if you want to use the ansible yum module you can create a task to install the yum package). Switching the task to use package instead of yum remedied this issue. Here is the updated task: The issue was easy to recognize after reading through the yum module source cod e…
$ read more →The subtle differences between the docker ADD and COPY commands
This weekend I spent some time cleaning up a number of Dockerfiles and getting them integrated into my build system. Docker provides the ADD and COPY commands to take the contents from a given source and copy them into your container. On the surface both commands appear to do the same thing but there is one slight difference. The COPY command works solely on files and directories: The ADD instruction copies new files, directories or remote file URLs from and adds them to the file system of the image at the path …
$ read more →