Posted on

How to Set Up PostgreSQL High Availability With Patroni

PostgreSQL is an open-source, versatile, and most popular database system around the world. However, it does not have any features for high availability.

Enter Patroni.  Patroni is a cluster manager tool used for customizing and automating deployment and maintenance of high availability PostgreSQL clusters. It is written in Python and uses etcd, Consul, and ZooKeeper as a distributed configuration store for maximum accessibility. In addition, Patroni is capable of handling database replication, backup, and restoration configurations.

Posted on

ContainerD Kubernetes Syslog Forwarding

You might have heard that starting version 1.20, Docker is no longer the container runtime in Kubernetes. Although this change didn't affect the core functionality of Kubernetes, or how pods work in their clusters, there were users that relied on resources provided by the Docker engine. A small sentence in the blog article calls out that a critical component would be affected: logging.

Docker was not the only container runtime at the time of this change. Most cloud providers of Kubernetes (GKE, EKS, or AKS) managed this upgrade by defaulting the new cluster's runtime to containerd. With this, their native tooling to export logs to their own logging services was properly migrated. If you would deploy a new cluster in version 1.20, you wouldn't notice that something has changed. Behind the scenes, the monitoring agents were upgraded along with the clusters to start using containerd as a source for logs. No outages, no missing information.

Posted on

How (and Why) to Use Couchbase as an XML Database

Couchbase and XML — No Problem!


I've heard it said dozens of times: "Hey, Couchbase is great but I use XML."

I recognize that countering with, "Couchbase can be your XML database" is pretty bold, especially for a JSON-oriented document database. Some folks in the Couchbase community might even do a double-take, but I hope you see what I mean by the end of this post.

Posted on

New Analysis Reveals Etherpad 1.8.13 Code Execution Vulnerabilities

Etherpad is one of the most popular online text editors that allows collaborating on documents in real-time. It is customizable with more than 250 plugins available and features a version history as well as chat functionality. There are thousands of instances deployed worldwide with millions of users. The project is very popular within the open-source community as shown by the over 10,000 stars on GitHub. Etherpad instances are often publicly usable and can contain sensitive information.

As part of SonarSource's security research on open source projects we analyzed Etherpad's code and found 2 critical vulnerabilities. Both can be combined by an attacker to completely take over an Etherpad instance and its data. In this blog post, we cover the technical details of these code vulnerabilities, show how they were patched, and give advice on how to avoid these types of bugs during development.

Posted on

A Spring Boot Developer’s Guide To Micronaut

This is a guide for Spring application developers who want to get started with using Micronaut. With this guide, you will get enough information to work with the Micronaut framework.

Introduction

Micronaut is a framework, which has gained its name for faster startup time and is usually preferred for solutions with AWS Lambda. It uses Ahead Of Time (AOT) Compilation to determine what the application needs. The result of this is an application that has a smaller memory footprint, fast start-up time, and is reflection-free.

Posted on

Improving Mobile App Performance With a Powerful Database

You are probably aware that there are seemingly endless options to consider when it comes to selecting a database and other technologies for your mobile app. With so many choices, it can be difficult and confusing to determine what really matters when it comes to your tech stack. A little while back, I wrote an extensive article on the different database architectures and use cases available to provide guidance on picking the right technology for the right project. While that is still an accurate and solid resource, this article takes a deeper dive into considerations for improving the performance of, specifically, mobile apps.

Mobile vs. Web Apps

First and foremost, perhaps we should take a quick look at the difference between mobile and web apps. Mobile apps live and run on a mobile device itself, whereas web apps are accessed through a web browser and will adapt to whichever device you're viewing them on. Native mobile apps are built for a specific platform, such as iOS for Apple or Android for, well, pretty much everything else. They are downloaded and installed through an app store and have access to system resources, such as GPS and the camera function. Web apps, however, are not native to a particular system and do not need to be downloaded or installed. Due to their responsive nature, they may look and function a lot like mobile apps, which is where some confusion arises.

Posted on

The Battle Between Linters, Scanners, and Data Flow Analysis

When it comes to security tools, you're typically balancing two things: how much time it takes for a tool to run to get deeper results vs. the quality of results returned.

As you might expect, faster tools scan just the source code in a single repo (without looking in the open-source libraries and SDK used) and may detect easy-to-find vulnerabilities. In contrast, tools that give better results and can find more challenging vulnerabilities with fewer false positives require more time to complete their scans.

Posted on

13 Lateral Movement Tactics Security Experts Should Recognize

One of the most curious elements of this year's Verizon Data Breach Investigations Report (DBIR) was the inclusion of the new attack pattern "system intrusions." Representatives from Verizon identified the category as a broad one that tends to include attacks with many steps, indicating significant lateral movement within the network. Research shows that many recent high-profile attacks involved lateral movement, including the Colonial Pipeline attack, the SolarWinds attack, and the Microsoft Exchange breach.

"Smash and grab" attacks used to be widespread: attackers would enter the network and steal/encrypt any data they could get their hands on. The rise of more sophisticated attackers, Ransomware 2.0, and other advanced threats has changed this. Attackers are now more willing (and able) to move around the network undetected, looking for the most valuable data to steal. They conduct reconnaissance, look for exposed or otherwise vulnerable credentials, and escalate their privileges, often targeting Active Directory (AD), which means complete domain dominance if they succeed.

Posted on

How to Pivot and Join Time Series Data in Flux

Merging multiple time series in InfluxDB using Flux may seem like a daunting task. Not anymore using this in-depth Flux tutorial, in which we will explain how to pivot, time shift, and join time series in InfluxDB.

In this InfluxDB tutorial, we will show you how to create an accurate overview of multiple time series with industrial data captured in consecutive production steps. Doing this requires a proper join mechanism for combining the time series into one after aligning them with respect to time.

Posted on

Boost Your Development Environment With Ubuntu Multipass

Ubuntu Multipass is part of the Ubuntu ecosystem, but it works fine on other platforms and operating systems. It can be found at https://multipass.run. I use it daily during my development work. It has become an indispensable tool for keeping my workstation clean. It helps with the testing and deployment of my software.

Flame Wars Disclaimer

This article is not about cloud, deployment strategies, Kubernetes, helm, swarms, AWS vs Azure and alike. It's about using virtual machines to help software developer and devops engineer with daily work.

Posted on

Unable to burn DVD

Hello. I'm tring to burn an ISO to a DVD (Windows 10 installation disc). But all the burning programs tell me that somethingis wrong, for example

"Mediadetectie mislukt" which means "Media detection failed" and other programs keep the "burn" button gray.

Is there something I can do?

Posted on

Is AI Bias an Open-Ended Issue that needs an Unbiased Perspective?

As the AI continuum keeps ascending, certain elements of the realm keep getting reproached with justifiable vindications. Artificial Intelligence (AI), initially aimed at helping humans make fairer and more transparent calls has been progressively showing signs of bias and flawed decision making. But then, it isn’t the technology that should be blamed as what drives clarity asunder is the inadequate extraction and contextual techniques— something I shall be covering at length, later in this discussion.

How Is AI Bias Even a Thing?

 

Posted on

How to Fight the Coming Latency Wars

We certainly live in an age of wonders. We have supercomputers in our pockets, a global Internet, and applications in the cloud. In less than a lifetime, our four-channel television, rotary dial telephone world has transformed, bringing futuristic science fiction to everyday technology reality.

AI continues to advance its penetration into our lives as it seeks ubiquity. The 5G rollout is well underway as consumers snap up the latest generation of 5G devices. Software infrastructure and applications are keeping pace with the rapid maturation of cloud-native computing.

Posted on

HELP RE-WRITING CODE

HI, CAN I GET SOME HELP RE-WRITING THE BELOW. CODE 2 REFERENCES CODE 1 USING $sendData VARIABLE. I WOULD LIKE TO REMOVE CODE 1 COMPLETELY. CAN I GET HELP WRITING CODE 1 INTO CODE 2, PERHAPS IN FORM OF ARRAY?

CODE 1

$sendData = '{ "messages" : [ { "content" :  "$my_order", "destination" : "0718860000" } ] }';

CODE 2

$options = array(
    'http' => array(
        'header'  => array("Content-Type: application/json", $authHeader),
        'method'  => 'POST',
        'content' => $sendData,
    )
);
Posted on

What is No-Code and Low-Code?

According to Gartner No-Code and Low-Code will deliver 50% of all software projects in the year 2021. Even if these numbers are inflated, you'd have to be living under a rock to avoid noticing it is gaining traction, and it is gaining traction very, very, very fast. Hence; What exactly is it? Will it steal your job? And why should you even care?

The difference between Low-Code and No-Code

First of all, there is a huge difference between No-Code and Low-Code. No-Code is typically targeting "citizens", as in people not able to create software systems themselves due to lack of software development skills. No-Code is often referred to as "citizen development" - Implying people without knowledge about programming language and software development theory can create software systems. No-Code is useful for simple customer facing frontends, with some interaction with pre-defined services, and simple database structures. However, we're a far cry away from being able to deliver complex systems using No-Code, and I am not sure if we will ever reach that point either. Besides, even No-Coders requires low level modules and components to interact with, something typically accomplished by working together with a "real" software developer, churning out these components such that the "citizen" can orchestrate these components together.

Posted on

Variable not recognised

From the below, how can I make the variable $new_status recognisable within those brackets?

$sendData = '{ "messages" : [ { "content" : "Your order is $new_status.", } ] }';

Problem: The above sends out text message successfully on status update, but the variable $new_status does not get updated.

I think within the those brackets php is not recognising the $new_status as a variable. I notice that if i insert one apostrophe (') just before $new_statusn like this '$new_status the variable turns green meaning it is recognised, however i get error in php that says Unexpeted T Variable