Prefetch Technologies // Keeping your cache lines cozy

Archive

Posts from 2020

Collecting Nginx metrics with the Prometheus nginx_exporter

monitoringJul 7, 2020 1 min read

Over the past year I've rolled out numerous Prometheus exporters to provide visibility into the infrastructure I manage. Exporters are server processes that interface with an application (HAProxy, MySQL, Redis, etc.), and make their operational metrics available through an HTTP endpoint. The nginx_exporter is an exporter for Nginx, and allows you to gather the stub_status metrics in a super easy way. To use this exporter, you will first need to download the nginx_exporter binary from the projects Github release page…

$ read more →
earlier

Improving my Linux diff experience with icdiff

linuxJul 7, 2020 1 min

I recently came across icdiff. This little gem allows you to see the difference between two files, but what makes it special is its ability to highlight the differences (sdiff, which was my go to diff tool, doesn't have this feature): In the example above, icdiff highlighted the keyword "something" on line 11 in column 2. I really dig the highlighting, and its ability to print X lines before and after the match. You can also define the output column size which is helpful when you are working on the command line.

$ read more →

Using Kubernetes server side validation to validate your deployment manifests

kubernetesJun 29, 2020 1 min

Kubernetes server side validation recently landed, and it's a super useful feature. Prior to server side validation, you could use the kubectl dry-run feature to validate your deployment manifests: When this command runs, the validation occurs on the machine that hosts the kubectl binary. While useful, there are a few use cases were your manifest would validate locally, but wouldn't apply when you sent it to the API server. One example is if your kubectl binary was older than 1.16, and you tried to send a JSON payload with deprecated APIs to a 1.16+ API server…

$ read more →

Using mkcert to quickly create certificates for testing and development environments

developmentJun 29, 2020 2 min

As a developer, operator, and architect, I am always evaluating technological solutions. A fair number of these solutions use TLS, which requires minting new certificates. I recently came across mkcert, which makes it SUPER easy to provision new certificates for development and testing. To get started with mkcert, you will need to run it with the "-install" option: This will create a new CA certificate in $HOME/.local/share/mkcert, and update your trust stores so curl, Firefox, etc…

$ read more →

Enabling hashicorp vault auto-completion

infrastructureJun 16, 2020 1 min

Hashicorp Vault has become one of my favorite technologies over the past year. Secrets management is a non-trivial undertaking, and I'm routinely blown away by how easy vault makes secrets management. One nifty thing I recently learned is vault has auto-completion, which you can enable with the "-autocomplete-install" option: Once enabled, you can type vault followed by a tab to see all of the available options: This also works for subcommands, so typing $(vault audit TAB) will display the options that can be passed to the audit sub-command. I'm a huge fan of auto-completion, and try to use it whenever I can to improve my efficieny.

$ read more →